last executing test programs:

2m22.831235092s ago: executing program 2 (id=1316):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_VENDOR(r0, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001740)={&(0x7f0000001700)={0x1c, r1, 0x705, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_SAE_PWE={0x5, 0x12a, 0x40}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x80) (async)
pipe$auto(0x0) (async)
setrlimit$auto(0x7, &(0x7f0000001380)={0x5, 0x6}) (async)
socket(0x2, 0x1, 0x0) (async, rerun: 64)
pipe$auto(0x0) (async, rerun: 64)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r2 = socket(0x11, 0x2, 0x3ff)
setsockopt$auto(r2, 0x107, 0xf, 0x0, 0x6)
wait4$auto(0x0, &(0x7f0000000000)=0x9, 0x2, 0x0) (async)
madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) (async)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D0p\x00', 0x80, 0x0) (async, rerun: 64)
getsockopt$auto(0x3, 0x0, 0xe, 0x0, 0x0) (rerun: 64)

2m21.529441122s ago: executing program 2 (id=1320):
unshare$auto(0x40000080)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy3/hwflags\x00', 0x40081, 0x0)
write$auto(0x3, 0x0, 0x704)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
read$auto(0xffffffffffffffff, 0x0, 0x1f40)
stat$auto(0x0, &(0x7f0000000380)={0x3, 0x3, 0x6, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0xa, 0xff, 0x100, 0x401, 0x5f57, 0x80000000, 0xaa})
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x0, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
getsockopt$auto_SO_PASSCRED(0xffffffffffffffff, 0x1, 0x10, 0x0, 0x0)
mmap$auto(0x0, 0x400005, 0x800000000000df, 0x9b72, 0x2, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x20048801)
ioperm$auto(0x400000ffff, 0xe, 0x1)
syz_genetlink_get_family_id$auto_taskstats(0x0, 0xffffffffffffffff)
writev$auto(r1, &(0x7f0000000140)={&(0x7f0000000040)="244bba1eb58c5bbe3188cef18654938ed6f0d4417bb5ec7955b3a5530d7101f46cf53d5051c4f09eaae8bce1532e7bf8cb", 0x4ef6ecdc}, 0x5)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
pread64$auto(0xffffffffffffffff, 0x0, 0xe, 0x100000000007)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bond0\x00'})
statmount$auto(0x0, 0x0, 0xfffff7fffffffffa, 0x81)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r2, 0x0, 0x20)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3)
io_setup$auto(0xffff, &(0x7f0000000580))
write$auto(0x3, 0x0, 0xfffffdef)
r4 = socket$nl_generic(0x11, 0x3, 0x10)
bind$auto(r4, &(0x7f0000000200)=@generic={0x11, "0000100000000000929e006300"}, 0x80)

2m19.846103289s ago: executing program 2 (id=1326):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x121040, 0x0)
pread64$auto(r0, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{o2?\x0f\x11\x90^\xdf/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x5)
openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cpu/0/msr\x00', 0x800, 0x0)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
socket(0x10, 0x2, 0x0) (async)
sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="010029"], 0x24}, 0x1, 0x0, 0x0, 0x4044c11}, 0xc0804) (async)
r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x941683, 0x0)
ioctl$auto_SG_SET_DEBUG(r1, 0x227e, &(0x7f00000000c0))
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='m'], 0x1ac}, 0x1, 0x0, 0x0, 0x4880}, 0x40000) (async, rerun: 32)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}}, 0x800) (async, rerun: 32)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x40001, 0x0)
write$auto(r2, 0x0, 0xfffffffffffffffd) (async)
mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) (async)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100) (async)
r3 = socket(0x1d, 0x2, 0x7) (async)
r4 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r5=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r5}, 0x6a) (async)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'vcan0\x00', <r6=>0x0})
connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r6}, 0x18)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x700ee00)

2m19.649420056s ago: executing program 2 (id=1327):
r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x40040, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0) (async, rerun: 32)
mq_timedreceive$auto(r0, &(0x7f0000000100)='nl802154\x00', 0x4e, 0x0, &(0x7f0000000180)={0x5, 0x9}) (async, rerun: 32)
prctl$auto(0xbbec, 0x1, 0x0, 0xfffffffffffffffd, 0x1000)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/pcmC0D0p\x00', 0xa00, 0x0) (async, rerun: 32)
close_range$auto(0x2, 0xa, 0x0) (async, rerun: 32)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0x1e, 0x4, 0x0) (async)
lsm_set_self_attr$auto(0xc5, &(0x7f00000001c0)={0x7fffffffffffffff, 0x2, 0x400, 0x7a, "6d4908109197eca9d94397fc90ee72ec88d94c2768e2eefd552e7a52eb97ac079d7c0c653889fe04901b591c0e3da2401bb80de70f781ff51ef04f69422df34e7a4467f0fca2c9a7b571713c7abcaaf5bd92c30c51f433851b6851768b0d292bb9ac636fe69aae38e153a47a11ed6d9da6f7a36e4a988c8cbf5b"}, 0x5, 0xf) (async, rerun: 32)
socket(0x1e, 0x4, 0x0) (rerun: 32)
syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) (async, rerun: 64)
socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64)
mmap$auto(0x6, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x4) (async)
mlockall$auto(0x7) (async)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/mnt\x00') (async, rerun: 64)
ioperm$auto(0x4, 0xbc6, 0x81) (async, rerun: 64)
mmap$auto(0x0, 0x4, 0xd83, 0x19, 0x401, 0x7)
timer_create$auto(0x4, 0x0, 0x0) (async, rerun: 32)
open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) (async, rerun: 32)
lstat$auto(&(0x7f0000000180)='./file0\x00', 0x0) (async)
truncate$auto(0x0, 0x7fff)
mq_notify$auto(0xffffffffffffffff, &(0x7f0000000180)={@sival_int=0xca, @inferred, 0x1, @_sigev_thread={0x0, 0x0}}) (async)
timer_gettime$auto(0x0, 0x0)
bind$auto(0x3, 0x0, 0x6a) (async, rerun: 64)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) (rerun: 64)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x311)
ioctl$auto(0x3, 0x80000541b, 0x38)

2m19.001467798s ago: executing program 2 (id=1330):
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x7fffffff)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
socket(0x2, 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd6/trace/enable\x00', 0x93d02, 0x0)
read$auto(0xc8, 0x0, 0x200)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
epoll_create$auto(0x4)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x3ff, 0x0, 0x3, 0x5f, 0x0, 0x3}, 0x6f3)
r0 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cpu/1/msr\x00', 0xf82, 0x0)
readv$auto(r0, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400)
mmap$auto(0xfffffffffffffffc, 0x20009, 0x7, 0xfffffffffffffff8, 0x40000000000a1, 0x40000008000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
ioctl$auto_BTRFS_IOC_FORGET_DEV(0xffffffffffffffff, 0x50009405, &(0x7f00000001c0)={@raw=0xbe, "147f624b05a2b22a62eb108f57b62c1a128c0f4a188dab9dc484db51686adb5a70d52b7f2f66145c31facd1cbb574c587628bd4cd6107b246f8f98fc23c6a864a492955d4c9350848a1d376d48008c8245ef620306a514c0e2f4dccf4932b8161402a453d31f6a2849bd701d53c73b5c87638db257f5ee75b4b2f3050dcd85bdda18e5f6c8f07bcbafc93b528f48baacd00dff67c662817347d58f7e2540061f146deeeb8a8fbea98e59c0ed49ac5898827aaa13b42a504dc9de98747915c70a39df9e7ad1373109c541923589e6364976cd3168fe3d0f085186627bde1577bbf260387eb8ecb5ad8d705de9f1e9b3d50ce454db9cbecf236dffbd3b274b5a7a63d3be027f04c7111ed622df2830ad588ef1d8b6c480b0f0772b5e7f621f8afa59a92859c296e01a7fa3f30f0d0d4337652988adb2b9d680d2c4f9896e1139548670c3598f33ba0f43def8ca1044626e75ca4d2b886f6db26ebb438a587407e59cf70e6cedf804044a4ccbccdcdcfd3e18152f5ac92af75d4deb491679de72f1b13ad5478ed08bb7acfc503580dae5c23583d01fdfecc9207f9e276540cf2328ba7a585937fd6acbda9a3a770277729be4f41177789decd4e0854b9861c08504c89215d7e8ce3473a0ad98f25d1d9e5fe2054a4ba9d3e0a67718ac00f384b74f5c8b24097e30e63af0c374c78f21d0af94486933450a311f8194051592e9e37607542244627393d338575c5a0a51815a01bd5ecf313cadddbb3c6bd4941a5c636b0c884ea266740b25c397ff3ea626070602d43ffbbebc0bddfdc47602432ecedce3bb6b0aba196f0eb714251d210bc979b4518005e41b5b6b0fc0ba793a8e77edd81553ce3a99cf9e7f4a9a41858e1971ac4127fa9995c888259e3436b7366e1344955ec1dd8628581a07056ec537e8196f87ab570af4fb4744f874fb283f8a54cae01cb32f70543eb60b6f65cc5269171d7e5fff4cbe4cc0b76983aaba8d869d8848e496e2c5359251a39e5f9d1c0c6756456dcdd744e82594b2a6bfe3db7877c7fc123c259f8f70b36b3c48ae31875d5cf3eb6b00a32e107f419a079641e51c8233f4c304b4bf7942814ec1eb8166f0b168d76fb3c05cb1d0ccd66fd15cbb399f3730076246721f4d71f5bbcb63d2309c74878bb16ec592873f7514b66118673f808c2cb16b4a7b3be7b560b5183bb231be5829d9de866ecbf23c70779c6f9d37b7d185cdf53a328eeee8ea27931c68c68edad37f2a10fbfcffacbacb80e8c39a0504bddab3156c7c35ab417aee9c979bf14718975e59ec51a37516a71abd59ddc916de121937da400f09b85e96b554a1f5688b20e2df0f814163e46db2ef60268a6c57035008998b834560a7f9a69bcde2110f8d401321db671c7cd28fce473d9dd43d598ef1e576c93281a5a510fb48e7dbfe06451e2e9718ab0b6cd6ec02b6b62ae9d6cc7ec94af64311793125d92ef9ac91b0d99445c4dae30f46ef49f8068950a6a32661094ac22af30e313fc183ebe103e709be8bcb4e657a731ac05e55a5f3b772ec5f89074fce97e565f560d172c6975dd1edde80507a9e442b208fd57520cbbcac16ddcb26fc8ef1d19d2cfb07e80d32aab1769e628303478aff29f0143140478b50d392fb3e53e0d386ea97d901c27ae5911330f337ef7048cb7f5307fb0231066c100177c09722719372aa5dcffbfa6e84469bfa884446d5848d6af5c4a324f0805e5a1c82e97387239ba24e8406edccd92d37c0bafd97160cea312ba3ef96b6982d28e0d5e2b3bba83dcee9f5de3155d635deebc55bc030f9dadc659a0b6f5a84d539077e785ed5ed098115b576a7238c3532cea0fe9f00cfad2112908e57e66be5e86339812b5257a03e735727ea8c4cf5bcf0820dcf87a906bd962806a2767971f6079613acfb781d514111f35ba1fcdecaa15764d9ca817794c536cb4b1d4a2f60cf116520aa1cd2f7ade5d38c195ee6aaa196ceeaad0a3d642b0e4b54a5c9ffe8941e4f661aba9b9d77a0e2af0d1dd8120810f4b4f93bc56a2405b32ec460ccfae654ed07abfbfc3dab30d5e0b77538033ee73833910ecb297be29cf034a1133583e5afd7633e4a1b44c844cd34eb7d5e07d74e695b4abea1a70b5eb902385563e30134ec33ada8dc78433b4eefa2ead19df77dfc71148607e5c708f7692f1645e7a323f175849bd045f0bbed4f6a06169deceb2a4d361493ee6db8c7b0bd18b9782f48f7459c9d9033221dcf6a07464c04df0b11f99a943e12b1b0b6dc71c3bfef7128b2df83f1ee99952e4cc0a51189a21302e998fd2ed37b2ae8bfd96a47d50eb3d196fea3af714157e6a4e0630e0944de57556aa3225b485388faed23a9a9d595a5ff296e8e29452ef5541230954d4d0f916a27781041902f13cf0e962527e1a0f659a95a0c3831bb62841ba3e01c74859818283ad0725e76ed82f695405fffccd90ad1be0ad211891546a2ab3f75b9872c3ad68c2f5f4d8510cf1e087e789c5ab821ef46e197a36986434b1569499ad2717db7b200afd77b7542ba00a46192341aee8fe3bfe3d6e0c2767cafca11ce2beaf97602ef9095e815ab6eaec42399865f724ee9d96217f45a84a0def5d87375c65e0430cdc83422b8d367982f2722e793c6ba37687d34f0e2068c114fae854a3158abba5f5689a40488d095de19071a71d8d7a17f4389f2d20c4c0f9c16760d52d166acc5c201cfaecc0fc54b7143c60aaaac0ae196b36f3e1447e3e0992be2642ca8302b24514bd06cce84279ce361bb8ce245ca5152848ab4cced61c67e4579c0db21efd26efc0780cf4a04b02ddaa54335fa327d57320307e0dc3fe1f6cdb686150e2235e05ddeba10a193d49408ee47f57229a6ff30351dedf61b8789900eb15db5b0069c57984ba31710509d88da1d78b3eface0ad5b2cb7f303e248cb68abfd5a0c3ac672d1f6178fe54ef67e034d38c01e3458d9b64a97eb0cccfae7efbbbc0c8b806e75ae5dbdf641d8daa862f90cac0d460c6f70a7765169cd1e9fe305db403e4e453ce84c35a3573751a93ca7dd478ba547449254f3d7ac7b05f345bf0eec346db042b982c964c81545bf05986d033df8e41e9e19d3561250514ed703444048f44763261a860aa3cf0b539544af9a1fc4ba7f989111e00dcab0e64b538a1019467c3b43641e13c2707a4fdc78648b92302a54a0e7e3de53488e852f0fe658557ad1df2cf12a898515769bcde0f4a3386764d5b2f0eba5eee1e3257215c005b3bad612ff43b4121efc277fe9b80c69eee2c1ffdcb3ef843485d636a0025848254e22cd2f51c1f85202ae22d53969072c1ec4dbb973a157059ed523b8dad9671f6bba68a9d4521564a826b208df019ea32eeaf5b8f973263fdcab4c2519ac0d5ce4c181b12ba71bb3fc02388e72e89a24152e07b264fb00b425633ca2b2aaccd7208d5df00002b7fa4502656593a8e84e4b620bc65a60bf3d3c8b0c1d0ac93bcc711b9cf206b1037d3437e515913badbd7ce52a69b32cd5b828193dac41fe0ff1a869bf086927eff915e422be23f40a54a2384e478f74bb2a397ecd214224294d9300d921afad2f50960e9830dc1ac8ee08ea0ff474d40a23b1f7dbc7761120c889b3354281751342d2429eb2555a8a57063f61c6cb3115d99d41a040c4d9fb3c5ddec980abfef33562607b7ad6fc8ac67c8026d50f2e01d949d065a8ea488b3d0d7ba296c914352b99a6c36aad4c030d1f9bef8696cb6d9dee3835646695b2a43f8682405c118477dd6486699dcd9cb93d911dae691fabfdfcc76ae48bcdf5d5ea87fffdcaf4e14faaa36689da73c9012ff943a787ec0e83f52cf221219f3468bdc010698450a19717e4ed062ab7d682d9e18c4469581bd09cd31aeaf1d17afb02b9cd769f56830d0ad155e4898889b438edfb13fb40d46bfe082ae1cd0f287805e4f2d011f43cd070f883668f45612132b19ff2f406bf80a1e5e69c741c63bc366c102a7a7e78d92e058d1f771031e582094bc7536182ddf2b88ef13d6573d0d34183c5e4dff48654ec1d18a44f6b2c67b17eb06489523bc3e7908b612e5204985cad17ff99b41650e49e469d8d80f3a2e32e93826e02160fbf19d92ab300bee4319b333aa9e96ac46d22ed71cf8394663f62362fe145094d140588c2e6f3eadc0bc16f6f6172aeac1e9ca44d93fa1399c641729e21f97f25ce5b4163419235bb98a218fa9d50b7aaa835d122c0436352b27909dcab907e43630907b23713bb445b93b8ec840b17d3d4618dd38bf58f2a0a6c3272a00aa8704774078f565faa4195ddfc15b33b196e646ebd8ab55e74da11ab4c30d031785c7c168d30ca12d23dcfa4a5a4f883f3b887fb77d822dae0a161d6c3565037a1f36bb1cf1d8601d94e4111b4ee435a98c21577b1e647ba160921881339a00a2d04210e603dcd9dfe2c40d32e5d93d9e94a5c176ca6291d5befa75121ec0abd660e2bac1458bd5609a6d725af0895b0d559ad726f34b50a06fd45f86764508386ab65ade7c76d0ce07330bf0d342216a769c98edb854cad6f6b02e0d09e713bbb7e12c786edd9d1078f3c5d0a87d34d9326e938098d674fb2d1ab1e39e3683a3ef0e00d9b66d56582e9d5f2d61a60226ee2c9cda7d44ef0504d6109fcd7978207df3eb9ed5ac860e0172907362654efb54cd6d04f7a58578fa3853d65e9243730466085905cbf1e1b34ea7a2f9dd268495d49824045074debb4c9140dfdbfc81fc6d371ec49521ddd996fd8761ada5d427348503a57a73a3ac74a540df4c2af59a1ecf644c00ebfbffafbf2990776717a2687889da69fefd0b0cb33c8351d147bcf31f98c8909e554c7ffd2cc9f64e4eb6b9c4b232489a2d912f19f79108b73a38de79fafd4a885de47810bdc4658d6d773c97e523732997392f1e02396875eda8ff955ef0ad75145cc1819df6a53878b9f1c5964146dcd73eabed0df798aea5c533fc263bc8d2533e36cde59e2cdd2ffac12cd7e6bea69ccc14b0b22b7606a6f82e8528f8dc739cd5c0ed0795d49452f257be2068055dcfaa7589ca65820d31583a81834910d8d1327469e370339dce1d87c31a750a02270cdaef457da2d50abac6651357858c391464781009209d79cf4286045773fe247e705a14b162583cd89e850df91b7517bd0a4476ac02fdc1dbd0faa81fa1e829ad0a548236939efcdf63c15b868b8712ca05571d7c0b810cc02cba9d1ae63e987b59ec3281cd706d7571d6b69a92663f11a24a68dbc6b2436b8049986f78fbe8effcf94457d5085dbf8812abb1fd431c6b465203eb67070a936a665fb19273240ed1e3905ea27b996b74b31b1216a77734b106dd9752a5f430ac5aef718c6942379dbd342aa66537e655afa95ec78cadcfc80584045cd07d43911c4d7dc3a37a4cf3cdf6eea9904c441ec02cfe0515c6c360463237aa6b3fafebcb1a59be1bf5ebe4680819f3e78ccc1e517987db6220b45bf840fb8fc9b33757a0e258468a911f2504358981410b6daad15bb0ed81ff971ef3cc89f06dacfa45a37cb37e946f5010d0a308ff760227d439f07401839b7844bd4e5f5d1824c17797c5abfb5a326f6b4626f9789d8d7a074b7f223cc4183f68e14de037a197920a858c310e3602a3c6f319b506bc4c523af495a95b74eb88af2699cbbeecbab62811ed05a0ea5e292e72e565ccbeb3fda2f32ee05ff7bfa40bfead96ace132532026e553bc4438a65ea897d64e9cdec2baa75839f9ea4dba584b81a9b813dc648e3ac31c885ec5dcedda3efc7a3a7"})
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)

2m17.52172089s ago: executing program 2 (id=1336):
socket(0x21, 0x2, 0x2)
r0 = prctl$auto_PR_SET_MM_START_CODE(0x200, 0x1, 0xffffffffffffffff, 0x4, 0x0)
setsockopt$auto_SO_PASSCRED(r0, 0x5, 0x10, &(0x7f0000000000)='\xac\'\x00', 0x800)
mmap$auto(0x0, 0x4020009, 0x6, 0x14, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[], 0x1ac}}, 0x40000)
io_uring_setup$auto(0x7, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0xa, 0x801, 0x84)
socket(0x23, 0x5, 0x2)
setsockopt$auto(0x1, 0x1, 0xa, &(0x7f0000000000)='\xe1', 0xbb)
ioctl$auto(0x1, 0x541b, 0x8)
r1 = socket(0x11, 0x80003, 0x300)
close_range$auto(0x2, 0x8, 0x0)
memfd_secret$auto(0x0)
socket(0x29, 0x5, 0x0)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={0x0, 0x7}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x4, 0x100)
ftruncate$auto(0xffffffffffffffff, 0x8)
ioctl$auto_VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x5)
ioctl$auto(0xffffffffffffffff, 0x4008af04, 0x0)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff)

2m2.445509993s ago: executing program 32 (id=1336):
socket(0x21, 0x2, 0x2)
r0 = prctl$auto_PR_SET_MM_START_CODE(0x200, 0x1, 0xffffffffffffffff, 0x4, 0x0)
setsockopt$auto_SO_PASSCRED(r0, 0x5, 0x10, &(0x7f0000000000)='\xac\'\x00', 0x800)
mmap$auto(0x0, 0x4020009, 0x6, 0x14, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[], 0x1ac}}, 0x40000)
io_uring_setup$auto(0x7, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0xa, 0x801, 0x84)
socket(0x23, 0x5, 0x2)
setsockopt$auto(0x1, 0x1, 0xa, &(0x7f0000000000)='\xe1', 0xbb)
ioctl$auto(0x1, 0x541b, 0x8)
r1 = socket(0x11, 0x80003, 0x300)
close_range$auto(0x2, 0x8, 0x0)
memfd_secret$auto(0x0)
socket(0x29, 0x5, 0x0)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={0x0, 0x7}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x4, 0x100)
ftruncate$auto(0xffffffffffffffff, 0x8)
ioctl$auto_VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x5)
ioctl$auto(0xffffffffffffffff, 0x4008af04, 0x0)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff)

48.906378105s ago: executing program 3 (id=1563):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0)
write$auto(r0, 0x0, 0x7ef)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0)
socket(0xa, 0x1, 0x100)
ioperm$auto(0x7, 0x5ad2, 0xc)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x2, 0x6, 0x240000)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x12, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xa, 0x8fd6, 0x2, 0x3, 0x2, 0x3, 0x3, 0x62, 0x7ffffffd, 0x40000003, 0x1, 0x9, 0x1]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x800001e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x51)
setsockopt$auto(0x3, 0x10000000084, 0x1e, 0x0, 0x8)
setsockopt$auto(0x3, 0x10000000084, 0x1e, 0x0, 0x8)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x4, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/kernel/kexec_load_disabled\x00', 0x202, 0x0)
mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
keyctl$auto(0xb, 0xfffffffd, 0x0, 0x0, 0x9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x10000, 0xffffffffffff0001, 0x19)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)

45.574076017s ago: executing program 3 (id=1572):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x1, 0x106) (async)
r0 = socket(0x2, 0x1, 0x106)
mmap$auto(0x6, 0x7, 0x3, 0xeb0, r0, 0x8000)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0)
read$auto(r1, 0x0, 0x1ff)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/virtual/workqueue/nf_ft_offload_del/nice\x00', 0x4aaa2, 0x0) (async)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/virtual/workqueue/nf_ft_offload_del/nice\x00', 0x4aaa2, 0x0)
pwrite64$auto(r2, 0x0, 0x80080005, 0x1000000007) (async)
pwrite64$auto(r2, 0x0, 0x80080005, 0x1000000007)
semctl$auto_GETPID(0x0, 0x4, 0xb, 0x2)
clock_getres$auto(0x10, &(0x7f0000000080)={0x5, 0x200})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/pci/resource_alignment\x00', 0x86a1c2, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
syz_genetlink_get_family_id$auto_ila(&(0x7f0000000240), r0)
socket(0xa, 0x5, 0x0) (async)
socket(0xa, 0x5, 0x0)
socket(0xa, 0x801, 0x84)
lsm_list_modules$auto(0x0, 0x0, 0x0) (async)
lsm_list_modules$auto(0x0, 0x0, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000f5357622e7288a22012831719b79c2abc298dd2bbc65a6c0d6005157b078a805add49e76b2b472c08119da561ffa4e8d45d2a0beceddc1f1eb0d1efc198f01b13a890ae76086a2bb548f588e467a52c942a1cd2400000000f90000000000819c97053bcc03d7a3199c9da1955971464ec5dedf181d635afe4a9447dfce5b52dbe76b278f6d84e7b8dcde580076199ef6dce76e5bfc3ba9bb78732785c38962c977a77ba9bae1a3c590d35d65b357698c093279e0fd8495cb208cf5306e61520da6dfbab0641e8d582e99cbe5e3da92054f47a270f82fdecb0c5fa2472b79aa404429e71205daab84dfd862fa67aa888e9f74b950e233f92f32e2364754c740348a21a8b0cfbbb865a5702aebbcf3f8da599dd02d9457d4492149cdad23d3db02569634036640bcaebc14d990f399b51fe26c3cd783912d0a7a274c2896b05c045376d6580ab643c68718b7d3639a2c54eec3eae468d94aac28c79ee0f10b68c34dca", @ANYRES16=r2, @ANYBLOB="01002dbd7000fcdbdf257e000000"], 0x14}, 0x1, 0x68}, 0x4040884)
write$auto(0x3, 0x0, 0x80000003)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) (async)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3)
socket(0x10, 0x2, 0xc) (async)
r4 = socket(0x10, 0x2, 0xc)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000013c0)=ANY=[@ANYBLOB="18000000", @ANYRES8=r4, @ANYBLOB="01", @ANYRES32], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80)
r5 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r5, 0x2, &(0x7f0000000080))
ioctl$auto_KVM_X86_GET_MCE_CAP_SUPPORTED(r5, 0x8008ae9d, &(0x7f00000001c0)=0xff)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0) (async)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0)
getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0) (async)
getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0)

45.13351543s ago: executing program 3 (id=1573):
mmap$auto(0x0, 0xb, 0xfffffffffffffffc, 0xeb2, 0x401, 0x6)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='nfs4\x00', 0x200, &(0x7f00000001c0))
setsockopt$auto(0x3, 0x1, 0x2a, 0x0, 0x9)
sendmmsg$auto(0x4, 0x0, 0x9a2, 0x4e)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)
shutdown$auto(0x200000003, 0x2)
getrandom$auto(0x0, 0x6000000, 0x3)
r2 = syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000080), r0)
openat$auto_nsim_psample_enable_fops_psample(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/netdevsim/netdevsim1/psample/enable\x00', 0x208082, 0x0)
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000)
socket(0x2, 0x801, 0x84)
socket(0x29, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x2, 0x88)
getsockopt$auto(0x6, 0x40000000029, 0x8, 0xfffffffffffffffe, 0x0)
sendmsg$auto_NLBL_UNLABEL_C_STATICREMOVEDEF(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r2, 0x200, 0x70bd2a, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0xc0}, 0x1)

44.270701352s ago: executing program 3 (id=1575):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/ip6_tables_names\x00', 0xb00, 0x0)
r1 = socket(0xa, 0x2, 0x0)
setsockopt$auto(r1, 0x29, 0x10, 0x0, 0x56b)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000002c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_TSCONFIG_GET(r4, &(0x7f0000002080)={0x0, 0x0, &(0x7f0000002040)={&(0x7f0000002000)={0x2c, r3, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@ETHTOOL_A_TSCONFIG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x0)
arch_prctl$auto(0x5003, 0x5)
arch_prctl$auto(0x5002, 0x1)
r5 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r2, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000001100)={0x28, r5, 0x301, 0x70bd25, 0x25dfdbff, {}, [@CTRL_ATTR_OP={0x8, 0xa, 0x6}, @CTRL_ATTR_FAMILY_NAME={0xb, 0x2, 'TIPCv2\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0xc040810)
pread64$auto(r0, 0x0, 0xf46f, 0xbc3ab41)

43.804171318s ago: executing program 3 (id=1576):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/netdevsim0/del_port\x00', 0xa001, 0x0)
write$auto(r0, &(0x7f0000000380)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1d\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', 0x1)

43.512514598s ago: executing program 3 (id=1579):
mmap$auto(0x0, 0x2020006, 0x7, 0xeb3, 0xfffffffffffffffa, 0xafff)
write$auto(0xca, 0x0, 0x1ff)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000340), 0x108800, 0x0)
r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$auto(0x401, 0x3, 0x4000000000de, 0xef2, 0x401, 0x8000)
mmap$auto(0x6, 0x2, 0x8000000000c, 0x810, r0, 0x2000000000000004)
mbind$auto(0x1ffe, 0x100000008, 0x3, 0x0, 0x2, 0x168b)
r2 = prctl$auto_PR_SCHED_CORE_GET(0x7fffffff, 0x0, 0xffffffffffffffff, 0x5a, 0x1)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'pimreg\x00'})
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
r3 = socket(0x1f, 0x800, 0xffffff01)
unshare$auto(0x40000080)
close_range$auto(r3, 0x8, 0x1)
socket(0xa, 0x801, 0x84)
io_uring_setup$auto(0x4, 0x0)
unshare$auto(0x40000080)
mmap$auto(0xfffffffffffffffe, 0x10000000000007, 0x4000000000df, 0x40eb1, r1, 0x300000000000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/bond0/bonding/primary_reselect\x00', 0x1e2142, 0x0)
sendfile$auto(r4, r4, 0x0, 0x7fff)
r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0)
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
ioctl$auto_KVM_GET_MSRS(r6, 0xc008ae88, &(0x7f0000000080)={0x10, 0x0, [{0x8000, 0x400, 0x9}]})
ioctl$auto_SG_GET_RESERVED_SIZE(r5, 0x4c06, 0x0)
unshare$auto(0x40000080)
r7 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x42, 0x0)
write$auto(r7, 0x0, 0xa3d9)
munmap$auto(0x200000008000, 0xffffffff)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
syz_genetlink_get_family_id$auto_netdev(&(0x7f00000000c0), r2)
socketpair$auto(0x156a, 0xfffffffb, 0x8000000000000000, 0x0)

28.237352656s ago: executing program 33 (id=1579):
mmap$auto(0x0, 0x2020006, 0x7, 0xeb3, 0xfffffffffffffffa, 0xafff)
write$auto(0xca, 0x0, 0x1ff)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000340), 0x108800, 0x0)
r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$auto(0x401, 0x3, 0x4000000000de, 0xef2, 0x401, 0x8000)
mmap$auto(0x6, 0x2, 0x8000000000c, 0x810, r0, 0x2000000000000004)
mbind$auto(0x1ffe, 0x100000008, 0x3, 0x0, 0x2, 0x168b)
r2 = prctl$auto_PR_SCHED_CORE_GET(0x7fffffff, 0x0, 0xffffffffffffffff, 0x5a, 0x1)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'pimreg\x00'})
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
r3 = socket(0x1f, 0x800, 0xffffff01)
unshare$auto(0x40000080)
close_range$auto(r3, 0x8, 0x1)
socket(0xa, 0x801, 0x84)
io_uring_setup$auto(0x4, 0x0)
unshare$auto(0x40000080)
mmap$auto(0xfffffffffffffffe, 0x10000000000007, 0x4000000000df, 0x40eb1, r1, 0x300000000000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/bond0/bonding/primary_reselect\x00', 0x1e2142, 0x0)
sendfile$auto(r4, r4, 0x0, 0x7fff)
r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0)
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
ioctl$auto_KVM_GET_MSRS(r6, 0xc008ae88, &(0x7f0000000080)={0x10, 0x0, [{0x8000, 0x400, 0x9}]})
ioctl$auto_SG_GET_RESERVED_SIZE(r5, 0x4c06, 0x0)
unshare$auto(0x40000080)
r7 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x42, 0x0)
write$auto(r7, 0x0, 0xa3d9)
munmap$auto(0x200000008000, 0xffffffff)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
syz_genetlink_get_family_id$auto_netdev(&(0x7f00000000c0), r2)
socketpair$auto(0x156a, 0xfffffffb, 0x8000000000000000, 0x0)

9.581138015s ago: executing program 4 (id=1687):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
bpf$auto_BPF_ITER_CREATE(0x21, &(0x7f0000000100)=@bpf_attr_3={0x3, 0xfffffffc, 0xfffffffffffff801, 0x1, 0x400, 0x4000000, 0x7, 0xce, 0x8, "a8774773c5280237405b8ddfb1c5adf7", 0x0, 0x5d0, <r1=>r0, 0x3, 0x7ff, 0x7, 0x5ba, 0x8, 0x1, 0x2, @attach_prog_fd=r0, 0x3, 0x9, 0xf03f, 0x7, 0x2, r0, r0}, 0x58d7)
ioctl$auto_RNDADDENTROPY(r1, 0x40085203, &(0x7f0000000000)=[0x2, 0x6])
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r2 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r2, 0x107, 0x11, 0x0, 0x4)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
sendmmsg$auto(0x3, &(0x7f00000000c0)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x40000000033ffe}, 0x1, 0x0, 0x2000000000000, 0x9}, 0x7}, 0x3, 0x3f3)
io_uring_setup$auto(0x59, 0x0)
recvfrom$auto(0x3, 0x0, 0x8000000012, 0x100, 0x0, 0xfffffffffffffffd)
close_range$auto(0x2, 0x8, 0x0)

9.18105524s ago: executing program 5 (id=1690):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
socket(0x15, 0x5, 0x0)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/psaux\x00', 0x2, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty53\x00', 0x200, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0)
select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x0, 0x1, 0xffffffffffffffff, 0x3, 0x95f4da0a, 0xefffffffffffffff, 0x4c37, 0x62, 0x80000001, 0x10000000000004, 0x6d40, 0x1, 0x2]}, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2b, 0x5, 0x1)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x7, 0xc45d, 0x80, 0x6, 0x3, 0x2, 0x3, 0x3, 0x62, 0x80000022, 0x7, 0x6d3e, 0x2000000004000009, 0x2, 0x6]}, 0x0)
socket(0xa, 0x5, 0x94)
mmap$auto(0xf87f, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto_USBDEVFS_DISCSIGNAL(0xffffffffffffffff, 0x8010550e, &(0x7f0000000040)={0x6, 0x0})
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x4)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
r1 = socket(0x2, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
gettid()
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
setsockopt$auto(r1, 0x10000000084, 0x19, 0x0, 0x8)

8.608407252s ago: executing program 4 (id=1691):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001140)=ANY=[@ANYBLOB="38008f211d200e92c7b2260fb755a70000", @ANYRES16=r1, @ANYBLOB="1b0026bd7000fddbdf250300000004000800080003800400158012000100898771f1c19f17790485908286dd000004000280"], 0x38}, 0x1, 0x0, 0x0, 0x50}, 0xc800)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/system/cpu/cpu0/topology/physical_package_id\x00', 0x50000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000100)=""/4096, 0x1000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nbd(&(0x7f0000002100), 0xffffffffffffffff)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
memfd_create$auto(0x0, 0xffffff80)
timer_create$auto(0x3, 0x0, &(0x7f0000000140)=0x6)
timer_settime$auto(0x0, 0xd80, &(0x7f0000000040)={{0x40000000000026b, 0x4}, {0x0, 0x83}}, 0x0)
syz_genetlink_get_family_id$auto_net_dm(&(0x7f0000001100), 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/cifs/SecurityFlags\x00', 0x20841, 0x0)
write$auto(r3, 0x0, 0x100)
io_uring_setup$auto(0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x5, 0x2000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff)
r5 = fcntl$auto_F_RDLCK(r4, 0xfffffffb, 0x0)
mmap$auto(0x0, 0x2, 0x9, 0x9b73, r5, 0x8000)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
read$auto_stats_fops_(0xffffffffffffffff, &(0x7f0000000240)=""/163, 0xa3)
recvmmsg$auto(0x3, 0x0, 0x7, 0x0, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x2, 0x4, 0x0, 0x8)

7.922128457s ago: executing program 4 (id=1695):
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x22d02, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400a, <r0=>0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x80, 0x104, 0x6, 0x20000000003}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) (async)
r1 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x60100, 0x0)
mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffede, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0) (async)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_AGE={0x8, 0x3, 0x204}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_IF2_AGE={0x8, 0x4, 0x9}, @HSR_A_IFINDEX={0x8}, @HSR_A_IF2_AGE={0x8, 0x4, 0x973}]}, 0x68}, 0x1, 0x0, 0x0, 0x18a64d47ddeca1f0}, 0x40090)
socket(0x2, 0x3, 0x100) (async)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async, rerun: 32)
read$auto_vhci_fops_hci_vhci(r1, &(0x7f0000000d40)=""/16, 0x10) (async, rerun: 32)
mmap$auto(0x0, 0x8000000000020006, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000)
unshare$auto(0x40000080)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
fsconfig$auto_SHMEM_HUGE_WITHIN_SIZE(r0, 0xffffffff, &(0x7f0000000040)='\x00', &(0x7f0000000100)="3d70aa42ea72d62d7d2fe39f29603dff8f97c1b1b50e7e992be3959f9d7ee99631dcfa2436c0c16d6b7ce4ee4ec8cf2014a1b7042667e1556a1e592d73cb9181caa36be823fa68b77e63ca01d8a165e47bc429172f0e53852fb397d6dcaa0527abb4ca74db06a015a927aef31bc4804bb0595644acb2b83cbe1a201edd1befdc2cd21c360f43fbfbde7672c5485582b3b5e1f57505c660d153201f663f086f8d37a45d457285063c7ab32e0a0ccec8488beacb7556197bb94b0d63ae87ff5c7af050968766e3ba3ff8b53b44c0add5e509588a9269cf36fb81cdd73a47cd77", 0x2) (async, rerun: 64)
execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) (async, rerun: 64)
r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/swradio12\x00', 0x0, 0x0)
poll$auto(&(0x7f0000000480)={r2, 0xffff, 0x29}, 0x3, 0x8) (async)
unshare$auto(0x40000080)
openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
r3 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dri/card1\x00', 0x101002, 0x0)
ioctl$auto(r3, 0x9000643a, 0xc35) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/tty/ttyc7/dev\x00', 0x4000, 0x0)
getpid() (async, rerun: 64)
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async, rerun: 32)
sysfs$auto(0x2, 0x2, 0x0) (rerun: 32)
fsopen$auto(0x0, 0x1)

7.037098317s ago: executing program 5 (id=1697):
mlockall$auto(0x800000000000005)
rseq$auto(0x0, 0xfffffff4, 0x0, 0x5)
sysfs$auto(0x2, 0x10000000000002a, 0x0)
socket(0x27, 0x800, 0xa5)
r0 = syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
r1 = getsid$auto(0x0)
fcntl$auto(r0, 0x3f53, r1)
prctl$auto(0xe, 0x9, r1, 0xffffffff, 0x6)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/mcfilter\x00', 0x2180, 0x0)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyw5\x00', 0x28341, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r3)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mknod$auto(&(0x7f0000000040)='X))\x00', 0x1, 0xfffffffa)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mknod$auto(&(0x7f0000000280)=':,\x00', 0x63c5, 0x7bf)
mmap$auto(0x4000000, 0x4020009, 0xdf, 0xeb1, r3, 0x8000)
close_range$auto(0x2, r4, 0x0)
r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop6\x00', 0x0, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r5, 0x4c01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x83, 0xc, 0x4, 0xebf, 0xffffffffffffffff, 0x5)
sysfs$auto(0x2, 0x10000000000045, 0x0)
fsopen$auto(0x0, 0x1)
close_range$auto(0x2, 0x8, 0x0)
pread64$auto(r2, 0x0, 0xb, 0x49)
socket(0x2, 0x6, 0x0)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40040, 0x0)

6.07119053s ago: executing program 5 (id=1700):
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
write$auto(0xca, 0x0, 0x1ff)
mmap$auto(0x9, 0x20007, 0xffffffffffff7fff, 0xeb1, 0xfffffffffffffffd, 0x40000007ffe)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0x1a000}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
r0 = io_uring_setup$auto(0xa, 0x0)
close_range$auto(0x2, r0, 0xfffffffe)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket(0x15, 0x5, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
setsockopt$auto(0x3, 0x114, 0xa, 0x0, 0x4)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0)
unshare$auto(0x40000080)
r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r2, &(0x7f0000000e00)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde4727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e28782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb1338074113579e665c6f3cffde5a8ee98a7bf3f8157986cf7c1c5dbdedaacbe3946b3d8809dec7387f006c062b93b6b481a806e5544ddeea7218fcc15c25a88164bfd0735e6290167cb2dbf4b4a317ba00b1fc27d203a6cff71ef8fe97a97d8e07af2ce1d0a0a2aa9ede7dd0572325075c83c2ecf866aa01654eff55ebe4e489e72152e6a3090e2348732704eb02997ffd23a63faabfbbbd1fb124cab606faed24a393058cea1c1286001ee5c0c1fa26b6a81ebdd4718a94cebdb45bfe812c771df398d3305da03d37ced9d0242b6da212dc9f5c14d7ff999bee20f6621792d1442e449eba8589a823e5e99c65fdffbaefe89e2e32406ec4cf574e335e2d288e4cdad56f4b1b57c364ed3e28809e480d6f410c7ebf43bd2a605d6a8c9facae6b7f8f2c56f792ae21fc0cc5dd9beae0cab3547ebb5467183c2f01bc315bd7bd191088886752dc5108093bdbc91348743440130f33d3dfa9c25490245e5fa904f8660e82253c826b7bea4e9a7a1c627e10c56d71878a644bd176016f29cf5398be14cc0fdec45c65e2b967aedb75212eed1eb05a44da62190009d1c08163b74813b82c27f1e6cd681a4b5150f967444b7bc930da68603fd706e96ba8663b2e50ef0a9b04e321a8a337b08fea7288a3fef5062c7e4c17ad3d490870d39c10b78a74eab25c993527e313a4f59d86de55aa9a8a63f734c2db556692fe993b0cd08e0ab5434c9ec02d5127354f55e6b5d5a7b61685d02edae21ece71d203abf7408211229a9ebbfdeffa2c0f38db274066d0706d80398c172e6daf4a0dce62c2287cbf0d30cfa313d7baf4e5caa18f594f0ab0d854f3cef76ff83e96fa49d0e0f8a47193b51a0a45aee2e1d9a5b372b8ee828f645a06979ec351d798480c7824e846028c02f58b5641acbae1e2079abd86182a662bb1642c9346d7fba628fb012da293acef33b8b76a8885c2e5d685348b6148c5b44409f58d8d5f29344fe8a2e4c2432ae622bb1912ea65d5574bff895025bd72cd780d59cbaa0886afd5d6676d2de6266903115525c075cc3f75ce9eba3787a890e1f758f0e502c4c9c0538dc942cf4e2d69742edeeddb66b1d459fcf6f744b2c40111104ab21fd4e99b4477e25cc5a9af5", 0xc51)
socket(0x5, 0x3, 0x0)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
mmap$auto(0x0, 0x2060009, 0x3, 0xeb2, r1, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/ubifs/parameters/default_version\x00', 0xa041, 0x0)

4.704145415s ago: executing program 1 (id=1702):
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000164c0), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_SCAN(r0, &(0x7f00000165c0)={0x0, 0x0, &(0x7f0000016580)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="79a327bd7000fedbdf2520ded400"], 0x14}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
r2 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0)
write$auto_snd_seq_f_ops_seq_clientmgr(r2, &(0x7f0000000100)="632d1bfe595046ab5c40bd6173307acb6d16baef6176e669a216aae1806674fdd80500ffffffffffdfff1a0e010000000000000000000000a3", 0x39)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
socket(0x15, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000)
socket(0x11, 0x2, 0x73)
pipe2$auto(0x0, 0x0)
io_uring_setup$auto(0x7e1b, 0x0)
openat$auto_nsim_dev_take_snapshot_fops_dev(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/netdevsim/netdevsim5/take_snapshot\x00', 0x400000, 0x0)
socket(0x2, 0x5, 0x0)
socket(0x11, 0x2, 0x14)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya7\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSETD2(0xffffffffffffffff, 0x5423, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)

4.34783481s ago: executing program 1 (id=1703):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_REGISTER_FRAME(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000011c0)={&(0x7f0000000080)={0x110c, r1, 0x0, 0x70bd2b, 0x25dfdbfc, {}, [@NL80211_ATTR_HE_OBSS_PD={0x10c4, 0x117, 0x0, 0x1, [@NL80211_HE_OBSS_PD_ATTR_SR_CTRL={0x5, 0x6, 0x9}, @NL80211_HE_OBSS_PD_ATTR_MAX_OFFSET={0x5}, @NL80211_HE_OBSS_PD_ATTR_BSS_COLOR_BITMAP={0x2f, 0x4, "99ea56f18724251b9a65d5e22ac82dc1aa4ec2b878587a5a1aef0b9c7ee820c95ba5fde100ae39b0ca9b11"}, @NL80211_HE_OBSS_PD_ATTR_BSS_COLOR_BITMAP={0x52, 0x4, "7bf582acdbbde1e69a1b4c92337ee872affe1583f5e7eba56d116ecc9a12bb552034f7dc4c6c4dc727921d0b6acd9860de04ad272e4c2a69c2ed8a5011df646b2bb6d587ee092956a7563f8da229"}, @NL80211_HE_OBSS_PD_ATTR_BSS_COLOR_BITMAP={0x1004, 0x4, "0ca326b31bbf9df07c2b1ea651d0a51a662f48c8e8bd13a4641786c17398e2b603bc96bca457513a9f600db8da4b34470ebd42d0bd44f9596db83d02af650157ec290de354ea35c8fa0a313a070d48adb6463d37bc043bac971cb9b9eb0dd8985bbda83c1a4a76ef83d09d27b8555b7550bf995482b3102ccc92f983186cafe70a9e5cc3e6953b8b7076856d5311a4eb105ab5523464387314345d29fb1a28ebe2940dfed2645d665eb5dc27151fc10570267e6d911db2f8c257a6cb3ee768205fbff333e4e4c1183d9a271bf8932c2064fddbccb1ed8c063b0afd29571f8e5b419e259f5a9d3e91df21e70e42a1545f1835e4f8517bf4e1742c33115e1d593ba2a0208d16a4edbd3a49ca6af1a6ec2ef89cf97f733e2ff3de6d1745fb5f0b38f060556bd6452d6e44bd1b3b5763bac27e31467f9a6ca5c2f8b1268ad85f85da88de69b8bcbc38b590b8d05f7d6fb1a71776b4b88bf02e2e940a5fe66970fc5f360514fade5e4b121990c9d3cfcbe47b4f11fd93dd1726fc27cbfba2bd5a60ce1511d9b020eb2ba193a53ace357e593d092d181e4b2eebcdf76dc068e7a9c211f1b3f5c0c5bf0e1b1695f473840507eb77e03cef35847c267fb5b7e9a529d27367c465dc213356bbab70230e63fdc0ed6b4abdeebc541e1c6869341272e91a5045809740a194185534fcb54ceb1098e6d59cb914aaf71b27b1a97d8d0c24a20398c8007f0a211b6372f97aae07e0c934f98487bba96336213b23bc79690729e115e4416790e10ac90599c2387af33b57a43e287dfdf351973bdd1dfa40058ae90ea89a086d24bdb7a25d1c5140aee674e4b135100ffc4adbded55f77201a12bd4a3d2ad07729e0aa5ab2b1b0b70e8a628f7fcefdb8f103af2aa0513d6bb282e837e6cea1eb2f51c55d3483d5eef1a16e8c58e197f51a44985ad1a7ea3337d6456617116c0880f7e5d729a8c776305679582febb1c4016ca538d04edf815d9e63a8201d563aac73fff71ddc6f3e019e23320019e7903260224da4f43b7a13e4cb8cc70ea484f8e08f93eed6872317d52aabfad3cca5da072c899125b16613fb7a7ae39b8b79075e7add8ed092adcd2912291735929dbc1addba19c5b9956f0029f4ecb76b9f6b7b73bb633eb40d95278edff1b1f3541de846d403c31a57084e7df5cadd831a3c8430b923eb609c9564a21ff2a0ec83610531e4d66f7a6e9ae98914043f4cb5fdb98525a93f511d0d480a5943bc9e0ea71cbe1871f7ac0fc2467bc3e4eaa442e660476c45dca9a0267400197d65680e90f14a7784bf5c3473cc294df6109e532dcfd4512a312459e5deedbc1bcf9d5d37af8bf03610113773908d7f6c29c9100f13863602a41eaa65d8ed74a6b3fa6d60a99bcaf2c09ac99fd0b3340cb139d2bbd4f3c8887229bad451edf9a4e559d270c5d8fc5456be30e628c7dea0ba988cb3f61dc27e05a9b66dff735bb6d2d00ff52edd2f947876bb804091d78ff357c5f378c54dde2729b6565d6b73b1db74c0be88e3dcef75b09e28e66c0f773252876c721c428a4fae2aefee2319afdf877a366336da36b1f7843e98fd6b1f71ab0d9ec5782b5e84765b38cfe20d9cbfe8afec1ef5a8e122a85847ef5eef9bab4d7f19712258daa9719f4b1aebb9eb62e898937d9c248a401cae2b1082a9b486d38dcb4894a794d5000a1be8b0da8307209a9e08aeaab0a2523e6ba3282be6eb46c63de2093da2e7c71fc2d61f0c4d69e2bb13bf3d26873f10d02d4d0fd443479e29bf2606d04ec8ae8c6a0d5c0b15a3a75317532fc56f72a660911ab7040b11eedac9559c02a41bcdee865f80f6ca527f99f9592eee115d860754d0a893780d0c7c83f525fb0c04b67759a37392f077838a2516c669421aa23c9b22ea3382555f6ca14d1bd1b37698c873539167e244d82d8e99fcae683bb6c2266a6906b43a598fd8b040c5abc95ec5ae50c214a0b10e67277c8092f1181ae65c61c3cfc5075f532b60d958e7962f3e7fd5ce4fa08f006b685f46251bf5017aeec810b6966e7c241cc437bf10ebdcb113ce2f744aa00a3493fd2c6a160e439bf4a5fdb51acfbc1d54232d57ea02bf5f8776fd6ce784faeee2fcfa7b354ff68a663d9904f7f1acc81c5b2c830230e036442d678d3aac552f1b0a9d8a8faafd2258945b521cb3f7d422eca459f694cc8b3e7fd6d3d4a86e258a5446d312b553417f14deed1f94638fac7f8f30922f08ecdf42454e46737a6d251ec018bba7cd56470dd87f4429493f5e19de4edc6bd5778d891b8f19dc28cf31794a6f2871a77ef13a3232227ad18b23ac5b7ab312f223c199c51fd985494ebdb6e0d53d2184df053f285108f87702e0edca5eba1bce7044c8d574aa39c81ddb0f3dc9cd98345824ece54682f3166cdd85a2d075ca1ff06911e2bf951ee8b388539e6d70086f1a4911394ee5f5aea8f90b298aef8d6a7c6ad7b39975027fa93b4acb0f7a925a074ee56598173504135f0554d524a7ef42a451f78466df894046b880b7c31fdf0b46c7d71b140d392177afb1316090b5190a096fde593d4e95ddd19655fc49d2372f67aabdbf1b6eac089392e8badad516179f202c570250774eeaa61670a200353aee178895e59d3a932cee0ee169333863a319ee23eb7d61928ddf4dc182cc6691458e26a107b6f125ce7bef8bf6602dde7230fc85a114cae5529b6cd83a1947f4692c3e2de602cd44e3b1edd9f499de8379d118c88c829c18a6560c785c576a932efb57ca0aa5696bf7e1f0406660a8abb654c78a5a20a506da330b0c2b8d465ad21897f9efadc164c8194a37cfcd1e6b0b25da00f45dd6257a9d1aa30974c6dd2da678a1d456aa0915a2b2a5aad1dadc1d35062718a06c73a52a70ca2521dd0ab4088ef3e304a6047d7790a2a0d0f3d9753b21bc1e42cc1ea31ac840a42baabe07be89ad165aa3b80b288057bca959ad2cd49241b90951a8030ec837b0643c54b1a4181d03cb6cd27b6da84750d94463a27c5135eb15b84431b77eb9de8b8bccbff636a21abfa04d36e7d5e28d0e0be5681962ce0f2d40466ba18ea5df37df42bd5f5091e930c14974822d9ce026f8893ab873b2a85327eb04fc6c94a64ae1ec5bf9154212cbe1b6f7f533784dd4e5f3aebe1433f3d9d7e2b5670a62e7e551e2dde977425be644526254e71dfe4f4edf1ff2f11c433d6b77449e566bbbafd35d935d2ed277f63dc3efd85735717ab98eb2a251b169f232ba46df704ad902f6c7c164b7f93e847ef215769f3bea168aefed749dacdc968cfaa3ebe89812ba1a0413c421176ac73cd8482e0956ab20968171a0338c2cbf96ee841aa313b1c3f83f13c4ecc845cd6956fdd8336f27f3098e4b360bf7a7431225533231c7265b200c3abd905e6e0d8c68f663170f6ff896943c9e4f73f1b09d71e48be41fb4c53d728f25d87d3dbc35d4d9545b687af54f7f62e9b653e2607fabf08bf3d09c1661e7a0c34d584fe2e754da13ddd5c7dfae85054a1c00bf735d6f9544b7b544b4662b81d55f1ceae4ffa55ea5f200c215c3c313da6f185625cb96edcf2c22374543b80c5e1fd81e10824f2832774b049a324c2eac26ba55140fe41afc51b48ddb0de88a0a6d5b57d25d2a9b371fd7ab81adac1c89ee121ae38b58262182cac831705d07846d8d5a9dfa5513ed22b8653025262aedc5167441ecb67662d112cb71fec328e94108e3d7c8ab9137c04de58ca0157419ec0468b2410e816ea3599104fdbe96d929eefb4e488f9ce3d5d198193596475c7aaea13b2c3082bfa4bc3a19b69d53c54c65cd9569a99a65e3a0c80e736947226792878f6438e3a18c0ccdb74900237b07ba1e4e33fa1998d243aae1790364f2f8396e0827190b58cdbc6153ac6e7b3cec37c060c194566b2745c44f99ce44e3a46f492b2b6b47ed4ad138a2578123646b5849176f3f191a6b0d4930cf7e707f10c72c46fc874b95c71e96e5878e4544ee388536cb06da4d749f8973cfbca69f3e60352eb51391a59907bcfc648b9693cb4af85f35edad0d3e811a1711904ff9a0b1cbc5153ff36a59de67398db98458c03c0cb204dc8fce98438d8400b1667a9babfa16910f8a01829a4fdb5462792b132b89e7a5578520a98e6f1cf3eb32348605858849ec7b857ce78cb31d485b6973e575dd14745f8c154fdcd09a283e865179246383edc43d789564c04d862e33eaad60f0e662111610b3ffd74594362e72affe3073862d4b60f89ecaedb4c1f4516647fa711d7c23673cb4f7e7e80ccaafdde75dd1a5203b8adb0a01c129f41d61e12b7fff05bfa356c4c68821ba6adab74db8c8c35fcb0ceb0823aa187041bed85fa9139ad69a296b8ffd446a8dd86244aeace2a5604b9103b853ef9f509105bb294535d414b883a65b1c80c0786505ab2170c3f522bdda3076c75ed01dee6ed1bfc24d153d726bb65e799985bc65aa1215511b961fd8e083261f9a6d8bbbd3d5f27d58402c46aad92d1cfd8770eb683d2d0e1440cb7808eb72c0e079fa6fa0c1e0a380dd5dda9d3ee218b2d94735207fe82662948ad6309ee1c1da94c3127f8f3550ed0f1425848a5d2104d5c1a01b375260a1ff67d0b570a1b7fd95db6e5f1c6efd47c0106a021cf912d46035113ba3f2a2732bf3dd21dfa2556b953bae58307d7250076b0a03db52ea7d6b094b5bb0e8718fb8e2a64bb0247b108844357194d69cecc3dcf89d5095e99cae7c6239f84668d12da62e68e6cce2aab2e6c9c599040e6d77fccc72d6c707edbee3343574055470a01c010255dffe7301e3dcd05ef539df020f3d28e779a697dc419cff36fd05bed460d23a894c430028cb0053e2974c1c21716c4d7f0c99ee56132bfa330b20336bd1d2dfb1952a80881e03b7b2368c4402eed9b789068ad171c8f410528ca6b8c0d1c8337ca51ba66b5d9ff55d8c9b2a3f23586f742c66c28cfa3dad2b894be2fc9a16a81eda3875664fedb346c13a05f984887a44dfbeabe8c80ff465a2f647343b96e7eaa9ac2f1cbb9f842019d0b6e78a80f370bc73ef93d3c2ffd255e1f63ecba883983f1237049a3c360811d857f2caf9b7ffb0fbc1a4bf72a72093071072f1275996ef5fd7516f71b49f3f41d9efaaca96a49bc4ca92bfb078a38062df129737564de0c9c917b20195179f8554755fbf57c71c671f2e6cbd931e17befc3fce1c28310b23be081d00755fe0119f956f893dc98790ae8d002d45028e7af27d6c027005d3fb383fe818e6237840f5472455793ace16eaf9ed23afd922f98267bfc8092d51645aee5f37c5cf14d9bbf6333c7e91f53fa162d107b20baea7324a1703dc9594c6d34d47cd129fa8e18b0f4245efd53ad7c0e652b72be155d57ad1718d74ed04c037a65868d1d50822d4a40ed9d4c9025b867752dc1e6d477b6440bebb1fd4319707b2a55351342342f10a635032e1ba43e8f9a4b5748868b3d8bfc27f6a59b6ae909c131e8f161edac721ddf44452a8c3c00c62ab14a642b26dcdcccbaa38f90659054018e1f616d06a4b1c9a13a9375e35d2620db17e882f3d371cab707b432cf06463dd526aba0381d9386b6cbe1aa8d13a6b56f8bcc7b13e46c3d76f0aac31439456c6c64a10fbf1ef49ded8380dc0ba1c741d8dec78e9e0114827ab59384218ced5be81a41202fc92a5e8b083d3e8409b8b5f6dc3d4d3ae1cc96dc5cad5f5676c6325ea4958cbc9a3b76583e82e821de67842011ec0dc4d5de221f78400bb60dee9096a616e9ad869aa28167a77d531009a68ba5d7bc1e3a56c42557ae5a8c7e4174739"}, @NL80211_HE_OBSS_PD_ATTR_NON_SRG_MAX_OFFSET={0x5, 0x3, 0xb}, @NL80211_HE_OBSS_PD_ATTR_SR_CTRL={0x5, 0x6, 0x6d}, @NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET={0x5, 0x1, 0xe}, @NL80211_HE_OBSS_PD_ATTR_MAX_OFFSET={0x5, 0x2, 0x8f}, @NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET={0x5, 0x1, 0x2}]}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0xfffffffffffffaeb}, @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0xf000}, @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0x4e15}, @NL80211_ATTR_USE_RRM={0x4}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x101}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0x5}, @NL80211_ATTR_ROAM_SUPPORT={0x4}]}, 0x110c}, 0x1, 0x0, 0x0, 0x40000}, 0x4042010)
clone$auto(0x1ff00, 0x0, 0x0, 0x0, 0x9)

4.125891206s ago: executing program 1 (id=1704):
openat$auto_percpu_stats_fops_(0xffffffffffffff9c, 0x0, 0x200, 0x0)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0)
ioctl$auto_BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000540)={"ef13a5421a8765cadfca436c4d13dd823843180bb151e936e8ce6cb454168d6c", 0x3ff, 0x4, 0x1000, 0x2, 0x200000000000000d})
ioctl$auto_BLKTRACESTART(r0, 0x1274, 0x0)
ioctl$auto_BLKTRACETEARDOWN(r0, 0x1276, 0x0)
r1 = openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/inject\x00', 0x2, 0x0)
writev$auto(r1, &(0x7f0000000000)={&(0x7f0000000000), 0x4}, 0x9)
signalfd4$auto(r0, &(0x7f0000000040), 0x600, 0x0)

3.961519978s ago: executing program 4 (id=1706):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
signalfd$auto(0xffffffff, 0x0, 0x8)
openat$dir(0xffffffffffffff9c, 0x0, 0x840, 0xc)
socket(0x1d, 0x2, 0x6)
socket(0x1f, 0x2, 0x1)
io_uring_setup$auto(0x6, 0x0)
io_uring_setup$auto(0x6, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r0 = socket(0x5, 0x5, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
shutdown$auto(0x200000003, 0x2)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
io_uring_setup$auto(0x1, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)

3.649806956s ago: executing program 5 (id=1707):
r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/mem\x00', 0x0, 0x0) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async, rerun: 32)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/bus/hid/drivers/corsair/uevent\x00', 0x20040, 0x0) (rerun: 32)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000340)=""/4096, 0x1000) (async)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/fail-nth\x00', 0x0, 0x0)
read$auto(r3, &(0x7f0000000000)='\x00', 0x3c1) (async)
ioctl$auto_RTC_ALM_READ(r1, 0x80247008, &(0x7f0000000080)={0x10000, 0x0, 0x1, 0x9, 0xffffff3e, 0xffffffff, 0x4, 0x7, 0x10000}) (async)
readv$auto(r0, &(0x7f0000000040)={0x0, 0xe3}, 0x5)

3.495498092s ago: executing program 1 (id=1708):
r0 = socket(0x10, 0x3, 0x6)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$auto_BPF_MAP_CREATE(0x0, &(0x7f0000000000)=@bpf_attr_5={@target_fd=r1, r0, 0x2a9, 0x4, <r2=>r0, @relative_id=0x100, 0x1}, 0x81)
ioctl$auto_SNDRV_RAWMIDI_IOCTL_USER_PVERSION(r2, 0x40045702, &(0x7f00000000c0)=0x1)
socket(0x29, 0x5, 0x0)
socket(0x2, 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
getsockopt$auto(0x100000006, 0x0, 0x13, 0xfffffffffffffffe, 0x0)

2.982443133s ago: executing program 1 (id=1709):
semop$auto(0x0, &(0x7f0000000040)={0x7, 0x8, 0x4}, 0x1)
semop$auto(0x4, &(0x7f0000000080)={0x14, 0x4, 0x1}, 0x7)
semtimedop$auto(0x8001, &(0x7f00000010c0)={0x1, 0xffff, 0xce0c}, 0x7, &(0x7f0000001100)={0x8, 0x7ff})
semtimedop$auto(0x2, &(0x7f00000000c0)={0x2, 0xb, 0x8}, 0x8, &(0x7f0000000100)={0x7, 0xfffffffffffffcdc})
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:00.0/driver_override\x00', 0xa000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/4096, 0x1000)
semtimedop$auto(0x9, &(0x7f0000000140)={0x5, 0x8, 0x3}, 0x9, 0x0)
mq_timedreceive$auto(0xffffffffffffffff, 0x0, 0x8, 0x0, &(0x7f0000000280)={0xffffffffffffdc21, 0x3})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfc(0x0, 0xffffffffffffffff)
sendmsg$auto_NFC_CMD_VENDOR(r1, 0x0, 0x4048800)
msgctl$auto_MSG_STAT_ANY(0x22f7, 0xd, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
fstatfs$auto(0x3, 0x0)
ioctl$auto(r2, 0x4b67, 0x1)
getpgrp(0x0)
sendmsg$auto_TIPC_NL_LINK_SET(r1, 0x0, 0x81)
semop$auto(0x4, 0x0, 0x7)
r3 = openat$auto_ima_htable_violations_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x200000, 0x0)
semtimedop$auto(0x456, &(0x7f0000002100)={0x8, 0x0, 0x3}, 0x766698a9, &(0x7f0000002140)={0x100000001, 0x6})
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000002280)='/dev/adsp1\x00', 0x8000, 0x0)
semop$auto(0x5, 0x0, 0x0)
r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video5\x00', 0x8a340, 0x0)
ioctl$auto(r4, 0x5646, r4)
clock_getres$auto(0xb8d, 0x0)
futex_wait$auto(&(0x7f0000002640), 0x800, 0x2, 0xe, 0x0, 0x6)
getsockopt$auto_SO_SNDLOWAT(r3, 0x0, 0x13, 0x0, &(0x7f0000002840)=0x9)
r5 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000002880), 0x100, 0x0)
read$auto_nvram_misc_fops_nvram(r5, 0x0, 0x0)

2.853039487s ago: executing program 0 (id=1710):
socket(0x10, 0x3, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="110b27bd7000ffdbdf250900000800030000", @ANYRES32=0x0, @ANYBLOB="080006"], 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x1000)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc045}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_0={0x8000, 0x1, 0x8, 0x7, 0x5, 0xffffffffffffffff, 0x80000001, "787d66da4a620eab7f736e854ef61529", 0x0, 0xffffffffffffffff, 0x7, 0xffff4e8b, 0x2, 0x1, <r0=>0xffffffffffffffff}, 0x7)
ioctl$auto_SCSI_IOCTL_GET_BUS_NUMBER2(r0, 0x5386, &(0x7f0000000100)="a69d801085db361d566be761413534a9ef38dc486d6b3744c6732de12ec63a3f45abbe7d80b31237bce94f2eb362593ccee097698135c9f009bf868b99c4a6b71a4a28a9dbad87a48ebf7b472c116d0fc77aad1c81aaa74e87a2bbabc6c77c5c03795231be306807288051deb1349314cdc3b92f38a81151ebe5ac0e8833bf85c90b8d47dc6938fb81a97bc726fbc18d8dc50e85e2c32325f89144e6ec64e1708432c26bfaa2f296bff35f8df1a8bf83922e475965303e9ec44152d6bcba9c694d2dc2dee19ec7550291619a410bf105d302e79c4266")
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x1}, 0x3, 0x0)

2.641495963s ago: executing program 1 (id=1711):
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/pagemap\x00', 0x0, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r1)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
setgroups$auto(0xe32, 0x0)
madvise$auto(0x0, 0x200007, 0x19)
ioctl$auto_SG_GET_RESERVED_SIZE(0xffffffffffffffff, 0x4c04, 0x0)
mmap$auto(0x0, 0x128009, 0xdf, 0x410, r0, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
r2 = getpid()
fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x7fffffffffffffff, 0x80000006, 0xfffffffffffffffd, 0x7, 0x0, 0x0, 0x0, 0xfffffffeffffff91, 0xfd3, 0x2, 0x8000000ec, 0xfffffffffffffffd, 0x81, 0x100000000, 0x6, 0xfffffffffffffff7, 0x17fffffff})
socket(0x11, 0x3, 0x9)
process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000040), 0x40000100000001}, 0x6, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TCFLSH2(r4, 0x80045439, 0x0)
ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0)
ioctl$auto(r3, 0x89f2, r3)
r5 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
read$auto_proc_pid_maps_operations_internal(r5, &(0x7f00000010c0)=""/4082, 0xff2)
madvise$auto(0x8, 0xc89, 0xffffff33)
socket(0x2b, 0x2, 0x0)

2.562373824s ago: executing program 0 (id=1712):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
read$auto_force_wakeup_fops_hci_vhci(r0, &(0x7f0000000080)=""/218, 0xda)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x62c00, 0x0)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x101001, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x16bb02, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/tty34\x00', 0x2200, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f0000000540)='\x0e\x00ev/audio1\x00\xef\xfftB\xbf-\x97\xfd{\xf9\xd2\x99\xee|\x1b\xac*\xf9Sf\"\xd5F\x15\xf5l@M\x01\x00\x00\x00\x00\x00\x00\x00\xab\'D\xe8S\xb7\xb9\x86\xde\xafb\xe01\x10\x16\xf3U\xe8\x88l\xd71\x96T\xb58\xa7`\xe7\vh\xa2\xa6\x15\x1a}\xd9\x1a\xc9m^X\x8am\xf0\x95bt S\xbe\x01\xe2\x8a\xf2\x9aE\xd0\xa3\x91\x9a\xb8\x1f\x1aM{\xea\x98\xe4\xf4\xd3~^\x93\xf2\xdd3\x95z\x12-\x12\xeb\xa1\x05\r\x8a,\x95h\xc9\x00\x00\x00\x00\x00', 0x3)
select$auto(0x100, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x4, 0x0, 0x3, 0x15f4da07, 0x8, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x200000000008]}, 0x0)
sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
close_range$auto(0x2, r2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0)
ioctl$auto_TCSBRK2(r4, 0x5409, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x4, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x3, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
open(0x0, 0x22240, 0x154)
select$auto(0x7, &(0x7f00000000c0)={[0xeeda, 0x5, 0x100000001, 0x9, 0x6, 0x1ff, 0x100000000, 0x3, 0x4, 0x401, 0x0, 0x8, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x8000000000000000, 0x2, 0xb, 0x1, 0x9, 0x0, 0x7fff, 0x8001, 0x18f, 0xfffffffffffffff9, 0x3, 0x5a4, 0x1000, 0x80000001, 0x1]}, &(0x7f0000000380)={[0x8000000000000005, 0x5, 0x1001, 0x10001, 0xe, 0xf, 0x4, 0x3, 0x59fc8000, 0x6, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x10006, 0xcc})

2.454386727s ago: executing program 4 (id=1713):
socket(0x2, 0x3, 0x100)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x1541, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
mmap$auto(0x0, 0x400005, 0x5, 0x9b72, r0, 0x8000)
mmap$auto(0x7fffffff, 0x1, 0x8, 0x11, r0, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0x23, 0x80805, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/mnt\x00')
socketpair$auto(0x1, 0x1, 0x0, 0x0)
semctl$auto(0x204, 0xfffffffe, 0x3, 0x4)
r1 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0)
write$auto(r1, 0x0, 0xc3)

2.073531971s ago: executing program 5 (id=1714):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x2, 0x80002, 0x73)
socket(0xa, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
mmap$auto(0x0, 0x2020007, 0xffffffffffffffff, 0x8000000000000eb1, 0xffffffffffffffff, 0x8000)
sendfile$auto(0xffffffffffffffff, r0, 0x0, 0x44)
mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@nl=@kern={0x10, 0x0, 0x0, 0x800000}, 0x54)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
socket(0xa, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd8\x00', 0x0, 0x0)
ioctl$auto(r2, 0xab07, r2)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket(0x2, 0x801, 0x106)
listen$auto(0x3, 0x83)
accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd)
r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$auto_v4l2_fops_v4l2_dev(r4, 0xa, &(0x7f0000000440)="9c26dbd7b097db2c760cd440f3029faeb875462bdd2c8ba40efe059f45e5a8de33450e885e295ad2283897bf3898836bd6242c8d9a103e43fa11973cbbeb398c3e93c615f55baff8dd6babfb59a291ecd347f6789acb3b42556af65b6b5fbe635d335e4c4bbcb2194bf3054e44779fc554dd3dc315a824ec47233fd19bdfcd414baac3ea1d24d95ffa27a2ed4581932907be4067572c55660e255ba0e982fbf97d41d65e079d3891be7836ac7c3266d7309092efd6dae09717db6023a4cd205f962859063887bbdba662b51be3a08567b852f921573285c166874412040dd72e762a215ad2")
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
keyctl$auto(0xfffffff7, 0x0, 0xfffffffffffffffd, 0x0, 0x3)
setsockopt$auto(r1, 0x29, 0x3f, 0x0, 0xfffd)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x3ff, 0x7, 0x11, 0x4, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x40007, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)

1.717637787s ago: executing program 4 (id=1715):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
r0 = socket(0x2b, 0x1, 0x1)
r1 = getsockopt$auto(r0, 0x1, 0x3e, &(0x7f0000000040)='\t\x00T\xce\xb3O1\xa8\x98HgGKt\xc1\x91Cy\n\x106\xe3\xd8\x96\xe9\xf9\x7f`\x10\xbd\x06P\xec\xab\xd8\xb7\xb5\x9eW\x10w\xf0\xbf\x86\xca\x8bii', &(0x7f0000000080)=0x3)
r2 = socket(0x2, 0x1, 0x106)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kcore\x00', 0x101000, 0x0)
rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8)
r3 = getpid()
r4 = gettid()
rt_tgsigqueueinfo$auto(r3, r4, 0x1f, &(0x7f0000000400)={@_si_pad})
ppoll$auto(&(0x7f0000000000)={0xffffffffffffffff, 0x692, 0xffa0}, 0x4, 0x0, &(0x7f00000000c0)={0x4}, 0x8)
r5 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
poll$auto(&(0x7f0000000180)={<r6=>r5, 0xfff7, 0x9816}, 0x7f, 0x9)
ioctl$auto_VHOST_SET_OWNER(r6, 0xaf01, 0x0)
ioctl$auto(0x3, 0x4008af03, 0x0)
io_uring_setup$auto(0xf, 0x0)
ioctl$auto_VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, 0x0)
ioctl$auto_XFS_IOC_EXCHANGE_RANGE(r1, 0x40285881, &(0x7f00000000c0)={r2, 0x0, 0x8, 0x4, 0x6, 0xffff})
write$auto(r0, &(0x7f0000000100)='\t\x00T\xce\xb3O1\xa8\x98HgGKt\xc1\x91Cy\n\x106\xe3\xd8\x96\xe9\xf9\x7f`\x10\xbd\x06P\xec\xab\xd8\xb7\xb5\x9eW\x10w\xf0\xbf\x86\xca\x8bii', 0x34b6d363)
getsockopt$auto(0xffffffffffffffff, 0x110, 0xfffffffe, 0xffffffffffffffff, 0x0)
openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x80040, 0x0)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
socket(0x1e, 0x805, 0x0)
r7 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x0, 0x0)
ioctl$auto_FUSE_DEV_IOC_BACKING_CLOSE(r7, 0x4004e502, 0x0)
r8 = openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, &(0x7f0000000140), 0x80401, 0x0)
ioctl$auto_BTRFS_IOC_FORGET_DEV(r8, 0x50009405, &(0x7f0000000340)={@raw=0x639c, "a6f66cf8bff3a7fbc926455ad132ec401cfbf8f521fee740193315553b85341eb975457e05a7bdbece6a2c251968693eb9efb384b817b1374b754059f05c97a96132fbae268239e54ef4eb492e690846b011144b3bbb1efac94612619e2192c4cef026558efbb104d303a10e836610391dc59d85f5b7b6d8cdeee08327f31576e808871de71af90b9a477b45cb4261f3705a70474f65be67ad6aa11205c2efe7c96fab66fda89e7a7d6e66d784823fee8601b403a0f21c8d0bd381a53ee99f48e597293c590886047b3e1ea2c7a80ad8c4de7727a032a516dd1a75ab610e1541164f919713971ef624cd5b09dc97e5868f3a06676f38a8027ab4a340ab3aeacc2e32a6dd1cda0d1a33e81ffd36b50b0c965f3dc560580cb1aab7b46b9177e2decb275f4ee28c321c852a79cfe5def04ea2223daa9bee3ac67bdf562f7d9cb930233225f78d177bcf7ccafee914b11f8afab8e6bd6bb172359964a548ce3fe503d9596433f48a86c321a318b69a03681b60d95b21bb51e6eb5658731370b235290c8781e596bbbd0f8d1494983187c16606b35722cb0d56bc6f19b6f76bd92a9ad5c4e690c39e576ab3c5e077b29c17188905ded6b5031787ed3b35cabc36487fd5635d1574521a7d363f6141a8bff4c56c00197b024e0575be2ff720b94f0a101b7a52ad9769175b0adcb31a756a21bc7df09fd6cc5998624cff69577f4fd9dc6c95948eca2e01ac9b31b3931c2408f31bbdde4fb42067a965deba3dce40c2a1012127ebe44e940cbf7a0b022aa836f95cb1dd81de965e65b4cca41c40bf1c799ee39c29bc0162b9975321d3017e3f5e6b07482585c5f6b863e3834053ceadc58167b1a6b113ac3b5cdfbe777aba8002ffd14e8532dccb9ff637f9533bcf212191a65861c8780fb556837d8c7bd9f1ef19c00b39fc48f20984cd6e84f4c930229801627da405f3a5b15a62e460741fdaabea0f224be19921b0c5277e984561e609b05b6dd26707ea8b8f49b830cc6f664573e852cd2b2be86b17c28934be36ddcdf41e0195fb599fbc3974c2621a437a6a8cc2a11355d0c4c5abeeb8dd6552ea2b29579d7e6ad416d1b3d7eddabe3d5fdd21983580e7bc0d7f1cd7f27dbc6cee8a45f938583a24e2e7838081e5d91886807849c81d8964712634256d1140e94d48ed49f019fd8c83330fd580b42646acb3a54a0b626404dd6d3b93cd0dec4b6d9112e465ff92df2aa082e1b9f55fda4425be2d11ffbdc457f2114a50ef5d994b295e20311264f850c97006df322c1dc443ce50f44f023f8b94acb2fa29350a14213eb7995078176ed382b7823614532bdb7fbfce2e163a8d0956a330244678f9340f1e04add1a4bac4c87cc1810161c1c064d217beb8525d42ffa2b96b66f67cedc6587f0d8a3ab8fdffaff411f5243c912416ea0febb8c9b97330e09c8db4193f511c85406abf838aa623a155f47edcf00a000da095f2c151067d9424223e13c33a360d889b64f34ce15e80b27281d9eea3c0fb865dafe211dea439d1efe93301d225e03135e46f4dda4f9bd732fd673ee8c3154ab25fd9839c6755d08e02b2414833153a6411a00e21ceb0f116e0662a6f629985663c44095abfaffab700db654da9125f93c983d1fe1475f92557f5fc07e0fec770caad1c6e8c479e4ea5bca8e0f80cf5b2bcd6deb67fb4796894761b6a633c5e47307b5157c30a50e3dad4938c2670e1db51976cc8cd1eeba44877cb829550e078709bf1be1cb890a322f26719c59a8fce6ea8e1c08b1e935c560f3cf90055c70094bf866b84a4be4218bd3ef4a2baef029069241b589155bc6860044f736766d98b7049b124bce7b6da878c4c77d274a8807e519abfae6094888387ac8d0438b384cf0a0f6a923ee8504fce0da556f7e0fd6c1b86a10754156a54bfc373393602f9aa1a3c922c01291d2891958542801ec8308d5a8a41130eede0d3d97db4fcf67190bde5134c6c5e046aab24a7bad4a94823c889dca588123e8153ae15c79bc405f0b7f76c25b5e373a0e345f8fafb54f4fdbdf2ee416de4fa5861f3eb5b71fa8f291172838da1c4d6258900cf63cf3d72d1fd3211b8692a270093c09e252ea63243a8b719bc7c84ef72d6ebb3a8b5d9c93a0cf89d4fe4ae6865c1b80d159dce59025593bab4539e71774ef49251cedf6e68413dedbab9126df43cfec3d1d12a8f9ac0c84c7cd8cdb59c70235321390b935038c673a6bd48789aeb5e63358bc606c37df4542a145611764ae02c9b8f736c81cfba047c886225e173e4f7b441b0aab6df4c673d94092ea9a5dc49b3a3f68684503edde8207f050e3391a226d873e01a360aeeaf645222b11a0ae7065060eabe721b66c6beed38f30e6c1f2e17848b5a026cc3ad9471464053798f46fc803453ca07934458b34ab188a75b42ac5b2e779a2447bfcf70973ba1950826bf829b9e4be02275a3812a0094eb9954ca0b827b2cbce20b706a058d4d3dd2feb8f8290442bc2c13e2d379eb7ab7e97b197f86e6a899403b9d8a6a1045bac402c859a538b9d548331de8148ce2b131f198ff5ac0bf04483e9e93e70180626fa4ac22c1fb638ee638202045811f0674349aa9a7850e557f034adf3bdfb3b0f9f304f96fe7830813e8876a664e6f4a36f39b2332f3ed535fc3bea02064d6169fe6b7d219cfd237debcf9fd6933f81943af8d2f66d03575fac49efb06925aaa6416ce58f132b5f6b94f43ecd5a95da80f20bad430f4ceddaea4ae0e3c0600b3c2170f14f0a7e1a37417c2fec60504c6b2c549f62b4f8f5d33946e75dcdc460ee9dc60758cbbd224665bcdbd506b151f4a051d311358845f2c8fd3a7ebd6243ca56efe122f4a0508626a1eafeb593b63046ec3bee8e1fcaee2e2f656735d3172b1e5d00d7c43d997daae2098e2cc04311536fd5883b6aa3d62e9f7f30d9d8db215012f0bd058f3d1bdb268c6947ac11f889d4bdf6669b27c4b63bc0f931c6cd3ae290d63e4b47eaba463b2b245fc98c1c696c25dfcc57a3dbd6786f8e2b443029b04d3098b7331da0e18d52c945d6299e77011466dda971fb4b68aaf99da564c3a7dbb207f9f96a81bb70c1696f1f1bee0f0ddd41b6e260920cea65463208a89439e932655ffafd2593607d4f0b0ebf76704c7b9cad0f448e10921f0a86ce14d7a56bbcf7a7c8d6c45541373830f6ee934c14f4190c3c6c0d3caaeef6e6b76fd259a6607ef8673ea25eb7d0c9af942446bbcf2896d31b7c9b6f6dc64f03ed2caa900eff711b2e98ff23a954107fc048db45e41ff8416682156a91eb7d484610d57d5b998f6ce96cdb2056a22f4a2882706df0db187fd15d5dd2e1c6e53e2b7941d409575e3a826df8f2e3636fb0dd3564fc7a8934a8d4dbfe742ed1cc38bb65dc48ef06795b69ac271da4f9b85c56674f334032eca4b787918adacbd2d15bfd13e9393d242d0687e57d4d7d030b9e0ca80d52663a68ef415ac659747f64aa2ebb1e4ea4dbb9e7739f2a7390ca3d26ac07ddfc1c51a43530e9617d62739c7c78bde1fd7e1889d08d205db068a24a18525fd0785229fb0f18830e4501906deb9d2000219407345b97f0f17b78399cb13851ddf6e96fcbd63218fd4faba129bac045c7ad1e3314fd52be078f5a26af4058590f3f71a47a0101c2360b0711d4e0aed6915d4cdbb563bce7d23676f23eaa3ac127506ccf17b2ec35c86ad56f818df2e9504f23cfc8c06773ffbde08c78f45bc02e0fe7e57e05708c18584aa932c7f853c20d425d72324286e08dad0e8c7bccc93c1e6731d40f3fcac69cd5c3912777b76233fd486bd1c362c81734037ef34486f8972f93cf54db3e114e36aec9d8c8ff48e390b17253a99795e18dc448e0b68827342e71236dc34a078a01bc0e6d505c451e84d394b1d62276b436b849b60aefcef6544bc20bcbc898f8aa0657aeec0a2b92805c136580d403dfbe60bf89c99c2ddd635af994fd94eb66c1aa423555723b006c496ab90bc5896a9eb6bfd92140824349cb32697b63502699e0e4c4280db4cc27197d40c567136d433808b383eafb956649081170f992b13d5da99e7c846787cf552646553afda92474f3a5d4aeb878e5f6eb455bc6d1c5fce479a59efbdf2d80f30406f4a4257c78ba698ba34e47d1f593c3f447bd28dc0af544ad414a14c5add42b40da601168bc1fec2397d5a83d4c6d19c92f96548efc723ef83528805ff56a262d4dce1184adf78bff3db569d22839864e522db677bdb67fbebcff672dad89dadf84d0eef1425e0275bc93ac87fb298b1c5360fd3287180446d9e428fc2a815259e1391605fbb5945456e95c91ccf93b64b0573d785f230ade34e7ead2b92d426d3418187c20fed0ee3d336e5752007eaba26d42ebee2b232897133e006bc39bbf89c913b8c8d3f94723f88606e6122895c3d3ac150db123a5e3841c8fac9a94a01272650afaca1ed1f04a8b50f78b3b686f528a995a5e2fc3fbac4bc6ac0ae43e0363463bec9c34d1fe9e2b40d1fb0415c92abf2c9e4dab1852349b84bdab0780dc19f39fce399f8f7e789a7194b5870776a2dae6d83dadef0ce824cc0d153d813d1f54351b75668ab863387835636fa6b966266c2de0bf8452ffc2bc3f9a6bd8c532ab63864a224c77f91dde5f81891a9a5b6dc4c4d3757a2d1ec7a9c0670b5e8f1b883146060b58cdd28b489fe9e62d87f2775cb4b59e6d43afdced533f5ce50c5638bb4c9813c1565c1c0943ec8b05b74ba21a283f5c214a7241f32ae6c254ce1921899427e12e185609924c2dcf578812c1cdcf1082d5514f9b06630977a969d7a36a85bd3aed4211618fea963f9244fdd926b53cff64542b4af7aa5234372de8bd19500a3751148def8581ee646f915389d01cd1606cdfa36a426a4f4bd97cec97f264a7012ef34dca01cdb5cc787a7ecb20ed67c80c03d5f059d6cb0bec42645c0f6bcbd3828db5611ac2e85a89481ee54129852b05869780b97b496a544adee29f26976c52c29ad1b84ff39eb385ee0ea658dae773868ccebba27ac2638abbb419d4b0f71d5fd55c1406ea202af4d3aa84b3850e40715e2270b2c61733fba977254430b4cc22bd71f526d98daf02b2ddf671cc46d0c0cd89c9831ebc1fe6a64ce4683aa518c4e70a4d2cb60325c5cb5ba891a87ecb12314234239e77b0909e28cd735374d9cebde1580f9e6e3800a740028d908b7fc52ce41aad2d0373ba5d7a0a25861b3ca7b282ad0828fde69470d4ab447332ce64528e5b591dadfe38b50c52b41628846565ba406482d51fad28f195b3884cf4a31fdd66ac6255defaef79b5eafc49b8569f36e7e502236b3ecd0da65d9b9fcf2ed97c0d25b7265dfc9e4ad1ed6e6719a3a1d862a47f5f338efa0b70ecc1afce976e1f8f6357847add797ddcdfe85a55ec210e53612982390655a28c57729ff3f584a15929446b6d4a4908b5fa1a0fc6a3a9d667d4226cc0aa1215a51603c507cbe569a19f82a242e1ae166430a408cec9de9bd94b1c39566b546b11c7edb4d2278c80caa4280482314e0c91bead014c9dad89e21e09bc0fb307eadd8301c0c889abab34975c836a9e49628c9a9151e1dbe13638073832cacf5c77924981b765bee9b5ad93da8dcbffc60a78d325a14b147df4ca7928752610fa72cb7336fb79c3f07c1d49ec3c4ee750837742fe759f16149fc80cdbf49adcd4062ef2ea609de3a196d14a29395153fbe66db084fcb45d1e5f0dfb9a26c7b1767e67a34dcb46cd0df432a1f058dc1026fc7017fdf0a31c616fed352fdff"})
sysfs$auto(0x2, 0x1a, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)

1.540274358s ago: executing program 0 (id=1716):
socket(0xf, 0x3, 0x2)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x9, 0x6, 0x63, 0x0, 0x0, 0x0, 0x8, 0x200, 0x2, 0x40000402, 0x9, 0x9, 0x2, 0xd, 0x6, 0x200000100103})
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
r0 = openat$auto_dai_list_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
pread64$auto(r0, &(0x7f00000001c0)='@\'&\x00', 0x5, 0x5)
openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, 0x0, 0x1, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2)
open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000001800)='/dev/ram14\x00', 0x109102, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/netdevsim0/del_port\x00', 0xa001, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
statfs$auto(0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/lo/tx_queue_len\x00', 0x100, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vhci_hcd.0/detach\x00', 0x2501, 0x0)
write$auto(r1, &(0x7f0000000380)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1d\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', 0x1)

568.414402ms ago: executing program 0 (id=1717):
socket(0x10, 0x2, 0x0) (async)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x129800, 0x0) (async)
socket(0x10, 0x5, 0x3) (async)
ioperm$auto(0x2, 0x8000, 0x2b325536) (async)
epoll_create1$auto(0xe09)
socket(0x1e, 0xa, 0x7) (async)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) (async, rerun: 32)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) (async, rerun: 32)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter\x00', 0x40001, 0x0)
write$auto_ftrace_event_filter_fops_trace_events(r1, 0x0, 0x0)
openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/trigger\x00', 0x88083, 0xffeb) (async)
sendmsg$auto_IOAM6_CMD_ADD_NAMESPACE(0xffffffffffffffff, &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8040}, 0x24004054) (async, rerun: 32)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async, rerun: 32)
mmap$auto(0x0, 0xb991, 0x5, 0x19, 0xffffffffffffffff, 0x2) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) (async)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/jfs/loglevel\x00', 0x1a9701, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x0, 0x0) (async, rerun: 64)
r2 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
read$auto_rng_chrdev_ops_core(r2, &(0x7f0000000040)=""/4096, 0xfffffe82)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async)
setsockopt$auto(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x6) (async)
r3 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f00000016c0), 0xffffffffffffffff)
sendmsg$auto_OVS_METER_CMD_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r3, @ANYRESHEX=r0], 0x20}, 0x1, 0x0, 0x0, 0x40008c0}, 0x8000000)
getrandom$auto(0x0, 0x6000000, 0x3) (async, rerun: 32)
msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, <r4=>0xee00, 0x9, 0x5, 0x8, 0x5}, &(0x7f0000000400)=0x6, &(0x7f0000000200)=0x1, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) (rerun: 32)
ioctl$auto_KVM_HAS_DEVICE_ATTR(r0, 0x4018aee3, &(0x7f00000002c0)={0x8, r4, 0x1, 0x33})

329.626089ms ago: executing program 5 (id=1718):
prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/net/hwsim0/addr_len\x00', 0x0, 0x0)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0x101000, 0x0)
ioctl$auto_SOUND_MIXER_INFO2(r1, 0x805c4d65, &(0x7f0000000100))
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/213, 0xd5)
syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff)
prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2)
syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff)
socket(0x3, 0x3, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/037/001\x00', 0x630001, 0x0)
openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x100242, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400020005, 0xdf, 0xcb4, r2, 0x5)
setsockopt$auto(0xffffffffffffffff, 0x1, 0x1021, 0x0, 0xd)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0)
msync$auto(0xd, 0x5, 0x2)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/profile\x00', 0x8200, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)

265.402336ms ago: executing program 0 (id=1719):
r0 = socket(0x1d, 0x3, 0x1)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0) (async, rerun: 32)
bind$auto(0x3, &(0x7f0000000040)=@can, 0x6a) (async, rerun: 32)
setsockopt$auto(r0, 0x65, 0x1, 0x0, 0x0)
recvmmsg$auto(r1, &(0x7f0000000280)={{&(0x7f0000000080)="26970e604b46f7f97061f18a07de18212c58da472b803d5491303657094a652345a12a2184b421c963a5687e0d8f40a36f25139ddfae4eec5c9786d9f6108f928454279cbb14b87df282d929b328fa9490fbd8a38d342f1c1dc99444ee7e47b7c52e884ad5d5d2e88fb786d857485a62969c115437493ec2809cbef37e3c24", 0x8001, &(0x7f0000000200)={&(0x7f0000000100)="249d567653ce49e1ef47a354cb5a82d7ad5a7cae4c33ac105836470688a2ed7a0e85e85ede7413e548869c5479fe356b9bddab389071577e8ce37dd983faaf77167cd5ddded062b124b3d7e37452856b97829a9d4364a97dd4982ee97df58cf81ca53477ac8b6f307bd657d502353315ae33fe0ddcc150e94aa0b48e36b60f432ba33173f8c8f8fe7248677284c2e6cb8f25602b336bc31d251d0ec7345874375fa4deceafc4c6418082d4dca2c400d4de383c0c9d5c19120d4488e5763fccf4871c6e1c2f5b8d564178c7330acc5236a2118300dfc9c5cf40d52566fe1ef17427654122924cb973acfa7023dcced42a66c10308ba64", 0x8}, 0xfc8, &(0x7f0000000240)="92b74e4f8e99a145434c75fc38c2aa91ec3cdc95bbeb20a7f98e7b391d5d", 0x3a, 0xffffff7f}, 0x7dd}, 0x1000, 0xcc, &(0x7f00000002c0)={0x8001, 0x4}) (async, rerun: 64)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 32)
io_uring_setup$auto(0x6, 0x0) (rerun: 32)
mmap$auto(0x2, 0x400008, 0x8, 0x9b72, 0xffffffffffffffff, 0x10000)
close_range$auto(0x2, 0xa, 0x0) (async, rerun: 64)
socket(0xa, 0x1, 0x0) (async, rerun: 64)
socket(0x15, 0x6, 0xff)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
recvfrom$auto(0xffffffffffffffff, 0xfffffffffffffffe, 0x3, 0xffffff2e, 0x0, 0x0)
r2 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f)
madvise$auto(0x20000000, 0x8000000000000000, 0x63e) (async)
mmap$auto(0x3, 0xfd, 0x800, 0xfffffffffffffff1, r2, 0x8000) (async)
madvise$auto(0x0, 0x2000040080000004, 0xe)
r3 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0)
write$auto_proc_mem_operations_base(r3, &(0x7f0000001680)="a7", 0x80000) (async)
mmap$auto(0x0, 0x20009, 0x4001000000df, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff5, 0x4000000000000002}, 0x0, 0xf4240, 0x400)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/mm/transparent_hugepage/khugepaged/scan_sleep_millisecs\x00', 0xa0582, 0x0)
write$auto(r4, 0x0, 0x2b6) (async, rerun: 64)
syz_clone3(&(0x7f0000000080)={0xe0000, 0x0, 0x0, 0x0, {0x14}, 0x0, 0x0, 0x0, &(0x7f00000004c0)}, 0x58) (async, rerun: 64)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/kvm_amd/parameters/pause_filter_thresh\x00', 0x200, 0x0) (async, rerun: 64)
write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, 0x0, 0x0) (rerun: 64)

0s ago: executing program 0 (id=1720):
semop$auto(0x6a5, &(0x7f0000000040)={0x807, 0x8, 0x4}, 0x1)
semop$auto(0x4, &(0x7f0000000080)={0x14, 0xf5, 0x1}, 0xb4cb)
semtimedop$auto(0x1, &(0x7f00000000c0)={0x1, 0xa, 0x104}, 0x8, &(0x7f0000000100)={0x2000001fc, 0xfffdfffefffffcd7})
semtimedop$auto(0x9, &(0x7f0000000140)={0x5, 0x8, 0x3}, 0x9, 0x0)
mq_timedreceive$auto(0xffffffffffffffff, 0x0, 0x8, 0x0, &(0x7f0000000280)={0xffffffffffffdc21, 0x3})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfc(0x0, 0xffffffffffffffff)
sendmsg$auto_NFC_CMD_VENDOR(r0, 0x0, 0x4048800)
msgctl$auto_MSG_STAT_ANY(0x22f7, 0xd, 0x0)
getpgrp(0x0)
sendmsg$auto_TIPC_NL_LINK_SET(r0, 0x0, 0x0)
semop$auto(0x4, 0x0, 0x7)
r1 = openat$auto_ima_htable_violations_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x200000, 0x0)
semtimedop$auto(0x459, &(0x7f0000002100)={0x8, 0x0, 0x3}, 0x766698a9, &(0x7f0000002140)={0x100000001, 0x9})
ioperm$auto(0x90d5, 0xb, 0x1000003)
flock$auto(0xffffffffffffffff, 0x2)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000002280)='/dev/adsp1\x00', 0x8000, 0x0)
mkdir$auto(&(0x7f0000004440)='./file0\x00', 0x1)
mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9)
semop$auto(0x5, 0x0, 0x0)
mmap$auto(0x0, 0x4, 0xea, 0x20000000000eb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
modify_ldt$auto(0x1, 0x0, 0x3)
clock_getres$auto(0x2000bcd, 0x0)
futex_wait$auto(&(0x7f00000002c0)="6563d74def3bb0e89346fb83eac49653f277eb6a56eecba31e002b28ecfa8730ca17505dd10e75212a5998f6ce1ff7ff7502f3fb30bd51cd7992c454d346000000d90215918bf44f8cf82681beab779639459406d244a7a373ac5df071b7dfaece25ba1191acb019d545c6782c31f814cde19546e3665250533842a9dc6ecd86d3546c3f57d03862af2a5c3c9e4996fe71068635b87266b97d338954e05d5cd5e00a90885db73211a49a5c0e3aefbce85a891faee02d68b659f38a9d3875f97ec597e8a0fd9373da94ce666e", 0x3, 0x2, 0xe, 0x0, 0x0)
getsockopt$auto_SO_SNDLOWAT(r1, 0x0, 0x13, 0x0, &(0x7f0000002840)=0x9)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
unshare$auto(0x20000080)
mmap$auto(0x7f, 0x82020009, 0x3, 0xeb1, 0xffffffffffffffff, 0xfff)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x10)

kernel console output (not intermixed with test programs):





	













	
		




	









	










	






	






		








		
	


		
	

		
	








	
	
	

	


	
	





	







	
	


	

	
		

		
	

	
	
		
	
	
		











	

	

	


	



	
	








	











	
	



	


	
		


		

	



	
	
	
	
	


		
		

		




	
		

	


	
	

		
	
		
	
	



			








	




	











	
		
		
		
		
	

	



	

	

		

			
		
		
		

		


		


















	










	




	




		






	

	
				
	
	



	
			

	
		

	


	

	

		
	
		
	
	



			








	

	















	





















	

	


		
	
	












	



	


	















	













	
		






	









	










	






	






		







	
	

	





	
		

	


	
	

		
	
		
	
	



			








	




	





	

	

	

		










		











	

	
	
















	





	





		







	

	
		



	



	
	
	

	

		
		
			

	


			
	
	

	
	

		

		
		

	

	
		

	

	
		
	
	

	

	

	
		
	

	
		




	

	
				
	
		
	


	




	
	
	

	
		
	

			
	

	
		
	

	

	
	
		
		


	

	

	
	
		
		


	

			
	
	
	
	
	
	
	

	
		
	

	
		


	
	


	
	

	
[  413.539257][T11537] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  413.762835][T11541] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  413.876797][T11540] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  414.716176][T11570] tipc: Started in network mode
[  414.727379][T11570] tipc: Node identity ee00, cluster identity 4711
[  414.745897][T11570] tipc: Node number set to 60928
[  415.046871][T11579] FAULT_INJECTION: forcing a failure.
[  415.046871][T11579] name failslab, interval 1, probability 0, space 0, times 0
[  415.081816][T11579] CPU: 1 UID: 0 PID: 11579 Comm: syz.0.1038 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  415.081863][T11579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  415.081882][T11579] Call Trace:
[  415.081891][T11579]  <TASK>
[  415.081904][T11579]  dump_stack_lvl+0x16c/0x1f0
[  415.081960][T11579]  should_fail_ex+0x512/0x640
[  415.082006][T11579]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  415.082061][T11579]  should_failslab+0xc2/0x120
[  415.082091][T11579]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  415.082141][T11579]  ? __d_alloc+0x31/0xaa0
[  415.082196][T11579]  __d_alloc+0x31/0xaa0
[  415.082250][T11579]  d_alloc_pseudo+0x1c/0xc0
[  415.082287][T11579]  alloc_file_pseudo+0xcf/0x230
[  415.082324][T11579]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  415.082372][T11579]  __shmem_file_setup+0x1a3/0x330
[  415.082419][T11579]  shmem_zero_setup+0x93/0x1a0
[  415.082467][T11579]  __mmap_region+0x1ed0/0x25e0
[  415.082519][T11579]  ? __pfx___mmap_region+0x10/0x10
[  415.082567][T11579]  ? rcu_is_watching+0x12/0xc0
[  415.082607][T11579]  ? rcu_is_watching+0x12/0xc0
[  415.082637][T11579]  ? trace_sched_exit_tp+0xde/0x130
[  415.082687][T11579]  ? __schedule+0x1181/0x5de0
[  415.082756][T11579]  ? __pfx___schedule+0x10/0x10
[  415.082850][T11579]  ? trace_cap_capable+0x18d/0x200
[  415.082895][T11579]  mmap_region+0x1ab/0x3f0
[  415.082943][T11579]  ? __get_unmapped_area+0x267/0x440
[  415.082985][T11579]  do_mmap+0xa3e/0x1210
[  415.083029][T11579]  ? __pfx_do_mmap+0x10/0x10
[  415.083065][T11579]  ? __pfx_down_write_killable+0x10/0x10
[  415.083110][T11579]  vm_mmap_pgoff+0x281/0x450
[  415.083149][T11579]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  415.083190][T11579]  ? __x64_sys_futex+0x1e0/0x4c0
[  415.083227][T11579]  ? __x64_sys_futex+0x1e9/0x4c0
[  415.083272][T11579]  ksys_mmap_pgoff+0x7d/0x5c0
[  415.083304][T11579]  ? xfd_validate_state+0x61/0x180
[  415.083341][T11579]  ? __pfx_ksys_write+0x10/0x10
[  415.083391][T11579]  __x64_sys_mmap+0x125/0x190
[  415.083440][T11579]  do_syscall_64+0xcd/0x490
[  415.083474][T11579]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  415.083506][T11579] RIP: 0033:0x7f8b56d8e929
[  415.083532][T11579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  415.083564][T11579] RSP: 002b:00007f8b57c43038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  415.083594][T11579] RAX: ffffffffffffffda RBX: 00007f8b56fb5fa0 RCX: 00007f8b56d8e929
[  415.083614][T11579] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000
[  415.083632][T11579] RBP: 00007f8b56e10b39 R08: fffffffffffffffa R09: 0000000000008000
[  415.083658][T11579] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  415.083676][T11579] R13: 0000000000000000 R14: 00007f8b56fb5fa0 R15: 00007ffdefdcde08
[  415.083718][T11579]  </TASK>
[  415.093924][T11580] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  415.370650][ T5840] Bluetooth: hci1: unexpected subevent 0x19 length: 252 > 28
[  415.383651][ T5840] Bluetooth: hci1: Unable to find connection with handle 0xc3d2
[  417.801573][T11638] zero sized request
[  417.860337][T11640] netlink: 'syz.3.1048': attribute type 35 has an invalid length.
[  417.876301][T11627] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  419.688954][T11676] Format for deleting device is "id" (uint).
[  419.719805][T11676] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  419.790862][T11676] netlink: 'syz.1.1057': attribute type 10 has an invalid length.
[  419.849099][T11676] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1057'.
[  420.789709][T11686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  420.820712][T11686] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  420.928809][T11686] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  421.029473][T11686] page_type: f5(slab)
[  421.055315][T11696] could not allocate digest TFM handle binfmt_misc
[  421.088172][T11686] raw: 00fff00000000040 ffff88801b44b500 dead000000000122 0000000000000000
[  421.136335][T11686] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  421.217427][T11686] head: 00fff00000000040 ffff88801b44b500 dead000000000122 0000000000000000
[  421.295111][T11686] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  421.335959][T11686] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  421.369563][T11686] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  421.395102][T11686] page dumped because: unmovable page
[  421.414556][T11686] page_owner tracks the page as allocated
[  421.502047][T11686] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5837, tgid 5837 (syz-executor), ts 97838168918, free_ts 97746314108
[  421.525006][T11686]  post_alloc_hook+0x1c0/0x230
[  421.529931][T11686]  get_page_from_freelist+0x1321/0x3890
[  421.536125][T11686]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  421.542944][T11686]  alloc_pages_mpol+0x1fb/0x550
[  421.550307][T11686]  new_slab+0x23b/0x330
[  421.554960][T11686]  ___slab_alloc+0xd9c/0x1940
[  421.559971][T11686]  __slab_alloc.constprop.0+0x56/0xb0
[  421.565978][T11686]  __kmalloc_cache_noprof+0xfb/0x3e0
[  421.571579][T11686]  ipv6_add_dev+0x6b7/0x15f0
[  421.578301][T11686]  addrconf_notify+0x53e/0x19e0
[  421.614137][T11686]  notifier_call_chain+0xbc/0x410
[  421.767603][T11686]  call_netdevice_notifiers_info+0xbe/0x140
[  421.797495][T11686]  register_netdevice+0x182e/0x2270
[  421.822204][T11686]  veth_newlink+0x446/0xa00
[  421.882214][T11686]  rtnl_newlink+0xc45/0x2000
[  421.887036][T11686]  rtnetlink_rcv_msg+0x95b/0xe90
[  421.892445][T11686] page last free pid 5833 tgid 5833 stack trace:
[  421.898991][T11686]  __free_frozen_pages+0x7fe/0x1180
[  421.904869][T11686]  __put_partials+0x16d/0x1c0
[  421.909873][T11686]  qlist_free_all+0x4d/0x120
[  421.930100][T11686]  kasan_quarantine_reduce+0x195/0x1e0
[  421.945201][T11726] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  422.099728][T11686]  __kasan_slab_alloc+0x69/0x90
[  422.113381][T11712] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  422.175118][T11686]  __kmalloc_cache_noprof+0x1f1/0x3e0
[  422.237447][T11686]  kset_create_and_add+0x4d/0x190
[  422.297769][T11686]  netdev_register_kobject+0x1c8/0x3a0
[  422.421315][T11686]  register_netdevice+0x13dc/0x2270
[  422.511282][T11686]  veth_newlink+0x446/0xa00
[  422.593772][T11686]  rtnl_newlink+0xc45/0x2000
[  422.607931][T11686]  rtnetlink_rcv_msg+0x95b/0xe90
[  422.629794][T11686]  netlink_rcv_skb+0x155/0x420
[  422.663296][T11686]  netlink_unicast+0x53d/0x7f0
[  422.686025][T11686]  netlink_sendmsg+0x8d1/0xdd0
[  422.694703][T11686]  __sys_sendto+0x4a0/0x520
[  422.805271][T11719] FAULT_INJECTION: forcing a failure.
[  422.805271][T11719] name failslab, interval 1, probability 0, space 0, times 0
[  422.819121][T11734] FAULT_INJECTION: forcing a failure.
[  422.819121][T11734] name failslab, interval 1, probability 0, space 0, times 0
[  422.861944][T11719] CPU: 0 UID: 0 PID: 11719 Comm: syz.0.1063 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  422.861981][T11719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  422.862002][T11719] Call Trace:
[  422.862011][T11719]  <TASK>
[  422.862022][T11719]  dump_stack_lvl+0x16c/0x1f0
[  422.862071][T11719]  should_fail_ex+0x512/0x640
[  422.862111][T11719]  ? __kmalloc_noprof+0xbf/0x510
[  422.862155][T11719]  ? xfrm_hash_alloc+0xd1/0x100
[  422.862203][T11719]  should_failslab+0xc2/0x120
[  422.862231][T11719]  __kmalloc_noprof+0xd2/0x510
[  422.862272][T11719]  ? xfrm_state_init+0x377/0x630
[  422.862311][T11719]  ? xfrm_state_init+0x381/0x630
[  422.862357][T11719]  xfrm_hash_alloc+0xd1/0x100
[  422.862399][T11719]  xfrm_net_init+0x35f/0xcc0
[  422.862449][T11719]  ? __pfx_xfrm_net_init+0x10/0x10
[  422.862493][T11719]  ops_init+0x1df/0x5f0
[  422.862526][T11719]  setup_net+0x1ff/0x510
[  422.862552][T11719]  ? lockdep_init_map_type+0x5c/0x280
[  422.862591][T11719]  ? __pfx_setup_net+0x10/0x10
[  422.862621][T11719]  ? debug_mutex_init+0x37/0x70
[  422.862651][T11719]  copy_net_ns+0x2a6/0x5f0
[  422.862687][T11719]  create_new_namespaces+0x3ea/0xa90
[  422.862725][T11719]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  422.862758][T11719]  ksys_unshare+0x45b/0xa40
[  422.862795][T11719]  ? __pfx_ksys_unshare+0x10/0x10
[  422.862832][T11719]  ? xfd_validate_state+0x61/0x180
[  422.862879][T11719]  __x64_sys_unshare+0x31/0x40
[  422.862914][T11719]  do_syscall_64+0xcd/0x490
[  422.862943][T11719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  422.862972][T11719] RIP: 0033:0x7f8b56d8e929
[  422.862995][T11719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  422.863024][T11719] RSP: 002b:00007f8b57c43038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  422.863050][T11719] RAX: ffffffffffffffda RBX: 00007f8b56fb5fa0 RCX: 00007f8b56d8e929
[  422.863068][T11719] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  422.863084][T11719] RBP: 00007f8b56e10b39 R08: 0000000000000000 R09: 0000000000000000
[  422.863102][T11719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  422.863117][T11719] R13: 0000000000000000 R14: 00007f8b56fb5fa0 R15: 00007ffdefdcde08
[  422.863154][T11719]  </TASK>
[  423.109207][T11734] CPU: 0 UID: 0 PID: 11734 Comm: syz.2.1065 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  423.109253][T11734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  423.109273][T11734] Call Trace:
[  423.109283][T11734]  <TASK>
[  423.109295][T11734]  dump_stack_lvl+0x16c/0x1f0
[  423.109360][T11734]  should_fail_ex+0x512/0x640
[  423.109408][T11734]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  423.109458][T11734]  should_failslab+0xc2/0x120
[  423.109487][T11734]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  423.109532][T11734]  ? __alloc_skb+0x2b2/0x380
[  423.109585][T11734]  __alloc_skb+0x2b2/0x380
[  423.109630][T11734]  ? __pfx___alloc_skb+0x10/0x10
[  423.109681][T11734]  ? __pfx___register_sysctl_table+0x10/0x10
[  423.109728][T11734]  ? is_module_address+0x69/0xf0
[  423.109773][T11734]  inet_netconf_notify_devconf+0x8b/0x1f0
[  423.109818][T11734]  __devinet_sysctl_register+0x227/0x360
[  423.109863][T11734]  ? __pfx___devinet_sysctl_register+0x10/0x10
[  423.109907][T11734]  ? devinet_init_net+0xeb/0x910
[  423.109945][T11734]  ? __asan_memcpy+0x3c/0x60
[  423.109988][T11734]  devinet_init_net+0x347/0x910
[  423.110049][T11734]  ? __pfx_devinet_init_net+0x10/0x10
[  423.110093][T11734]  ops_init+0x1df/0x5f0
[  423.110130][T11734]  setup_net+0x1ff/0x510
[  423.110162][T11734]  ? lockdep_init_map_type+0x5c/0x280
[  423.110214][T11734]  ? __pfx_setup_net+0x10/0x10
[  423.110251][T11734]  ? debug_mutex_init+0x37/0x70
[  423.110288][T11734]  copy_net_ns+0x2a6/0x5f0
[  423.110331][T11734]  create_new_namespaces+0x3ea/0xa90
[  423.110377][T11734]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  423.110416][T11734]  ksys_unshare+0x45b/0xa40
[  423.110460][T11734]  ? __pfx_ksys_unshare+0x10/0x10
[  423.110503][T11734]  ? xfd_validate_state+0x61/0x180
[  423.110558][T11734]  __x64_sys_unshare+0x31/0x40
[  423.110600][T11734]  do_syscall_64+0xcd/0x490
[  423.110634][T11734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  423.110669][T11734] RIP: 0033:0x7f1a2678e929
[  423.110695][T11734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  423.110727][T11734] RSP: 002b:00007f1a275c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  423.110760][T11734] RAX: ffffffffffffffda RBX: 00007f1a269b6080 RCX: 00007f1a2678e929
[  423.110781][T11734] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  423.110800][T11734] RBP: 00007f1a26810b39 R08: 0000000000000000 R09: 0000000000000000
[  423.110819][T11734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  423.110838][T11734] R13: 0000000000000000 R14: 00007f1a269b6080 R15: 00007fff61cf9d58
[  423.110879][T11734]  </TASK>
[  424.443827][T11769] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  424.784707][T11767] Invalid ELF header magic: != ELF
[  425.930204][T11797] ubi0: attaching mtd0
[  425.936042][T11797] ubi0: scanning is finished
[  425.940691][T11797] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  426.211576][T11797] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  426.933029][T11805] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1076'.
[  429.013141][T11844] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26
[  429.213803][T11847] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1086'.
[  430.518363][T11882] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  432.298050][T11907] netlink: 'syz.0.1098': attribute type 11 has an invalid length.
[  432.426634][T11907] netlink: 'syz.0.1098': attribute type 11 has an invalid length.
[  432.467908][T11907] netlink: 'syz.0.1098': attribute type 11 has an invalid length.
[  432.511933][T11907] netlink: 'syz.0.1098': attribute type 11 has an invalid length.
[  432.536213][T11919] vhci_hcd: not connected 4
[  432.880798][T11918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  432.893072][T11918] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  433.042355][T11918] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  433.067942][T11918] page_type: f5(slab)
[  433.085775][T11918] raw: 00fff00000000040 ffff88801b44b500 dead000000000122 0000000000000000
[  433.109698][T11918] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  433.122110][T11918] head: 00fff00000000040 ffff88801b44b500 dead000000000122 0000000000000000
[  433.134817][T11918] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  433.162262][T11918] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  433.193500][T11918] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  433.202872][T11918] page dumped because: unmovable page
[  433.291985][T11918] page_owner tracks the page as allocated
[  433.322025][T11918] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5837, tgid 5837 (syz-executor), ts 97838168918, free_ts 97746314108
[  433.343489][    C1] vkms_vblank_simulate: vblank timer overrun
[  433.377578][T11918]  post_alloc_hook+0x1c0/0x230
[  433.383247][T11918]  get_page_from_freelist+0x1321/0x3890
[  433.421173][T11918]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  433.433218][T11918]  alloc_pages_mpol+0x1fb/0x550
[  433.514083][T11918]  new_slab+0x23b/0x330
[  433.546725][T11918]  ___slab_alloc+0xd9c/0x1940
[  433.561707][T11918]  __slab_alloc.constprop.0+0x56/0xb0
[  433.571876][T11918]  __kmalloc_cache_noprof+0xfb/0x3e0
[  433.637722][T11918]  ipv6_add_dev+0x6b7/0x15f0
[  433.681732][T11918]  addrconf_notify+0x53e/0x19e0
[  433.705840][T11918]  notifier_call_chain+0xbc/0x410
[  433.713834][T11918]  call_netdevice_notifiers_info+0xbe/0x140
[  433.719884][T11918]  register_netdevice+0x182e/0x2270
[  433.725264][T11918]  veth_newlink+0x446/0xa00
[  433.729832][T11918]  rtnl_newlink+0xc45/0x2000
[  433.734599][T11918]  rtnetlink_rcv_msg+0x95b/0xe90
[  433.739764][T11918] page last free pid 5833 tgid 5833 stack trace:
[  433.747760][T11918]  __free_frozen_pages+0x7fe/0x1180
[  433.771921][T11918]  __put_partials+0x16d/0x1c0
[  433.785945][T11918]  qlist_free_all+0x4d/0x120
[  433.801373][T11918]  kasan_quarantine_reduce+0x195/0x1e0
[  433.821622][T11918]  __kasan_slab_alloc+0x69/0x90
[  433.842016][T11918]  __kmalloc_cache_noprof+0x1f1/0x3e0
[  433.848544][T11918]  kset_create_and_add+0x4d/0x190
[  433.855854][T11918]  netdev_register_kobject+0x1c8/0x3a0
[  433.874183][T11918]  register_netdevice+0x13dc/0x2270
[  433.884302][T11918]  veth_newlink+0x446/0xa00
[  433.894439][T11918]  rtnl_newlink+0xc45/0x2000
[  433.912022][T11918]  rtnetlink_rcv_msg+0x95b/0xe90
[  433.917153][T11918]  netlink_rcv_skb+0x155/0x420
[  433.931506][T11944] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1103'.
[  433.945047][T11918]  netlink_unicast+0x53d/0x7f0
[  433.960104][T11918]  netlink_sendmsg+0x8d1/0xdd0
[  433.981427][T11918]  __sys_sendto+0x4a0/0x520
[  434.125145][T11936] openvswitch: HfR: Dropping previously announced user features
[  434.265631][T11944] HfR: left promiscuous mode
[  435.062223][T11955] mkiss: ax0: crc mode is auto.
[  436.186599][T11994] vhci_hcd: invalid port number 16
[  436.198215][T11994] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub
[  436.421645][T12006] program syz.3.1117 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  436.433725][T12006] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  438.655884][T12067] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1128'.
[  438.738728][T12067] nbd: must specify a device to reconfigure
[  439.522053][T12091] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  439.838446][T12097] ima: policy update failed
[  439.847739][   T30] audit: type=1802 audit(4295005837.474:17): pid=12097 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1135" res=0 errno=0
[  440.191134][T12105] ACPI: Can not change Invalid GPE/Fixed Event status
[  440.219926][T12104] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1137'.
[  440.610461][T12111] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27
[  441.017533][T12114] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28
[  441.499391][T12118] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  441.522113][T12118] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  441.541394][T12118] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  441.552347][T12118] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  441.581687][T12118] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  441.587935][T12126] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input29
[  441.772365][T12133] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  443.021252][T12154] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  443.546095][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout
[  443.546119][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  443.553058][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout
[  443.631985][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout
[  443.980708][T12167] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1150'.
[  444.153372][T12170] : Can't lookup blockdev
[  444.986442][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  444.993529][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  445.702158][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout
[  446.013580][T12227] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  446.174443][T12227] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  446.230388][T12227] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  446.306815][T12227] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  446.352777][T12227] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  446.382430][T12227] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  446.402861][T12227] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  446.456768][T12227] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  446.517053][T12227] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  446.554491][T12227] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  446.574466][T12227] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  447.806563][ T5840] Bluetooth: hci1: unexpected event for opcode 0x7c89
[  449.196823][T12280] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16)
[  449.215921][T12280] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  449.716118][ T5840] Bluetooth: hci2: Unable to find connection for big 0xd2
[  450.780737][T12311] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  451.842336][T12342] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  452.271348][T12360] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1184'.
[  452.328552][T12361] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1184'.
[  452.896458][T12371] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(4.32768.67108865), cmd(12)
[  452.927013][T12372] input: jJǸí¸ü;9ã%vø“û¨l�ÐQ 	J86Ö‘ as /devices/virtual/input/input31
[  453.538534][T12389] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1188'.
[  454.477841][T12404] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1191'.
[  455.181089][T12420] zram0: detected capacity change from 0 to 8
[  455.409894][T12416] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  455.595206][T12427] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1197'.
[  456.820057][T12456] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1202'.
[  456.833816][T12456] vivid-007: =================  START STATUS  =================
[  456.841650][T12456] vivid-007: Generate PTS: true
[  456.846828][T12456] vivid-007: Generate SCR: true
[  456.855125][T12456] tpg source WxH: 320x240 (Y'CbCr)
[  456.871001][T12456] tpg field: 1
[  456.880687][T12456] tpg crop: (0,0)/320x240
[  456.886719][T12456] tpg compose: (0,0)/320x240
[  456.891458][T12456] tpg colorspace: 8
[  456.895555][T12456] tpg transfer function: 0/0
[  456.900268][T12456] tpg Y'CbCr encoding: 0/0
[  456.905110][T12456] tpg quantization: 0/0
[  456.909500][T12456] tpg RGB range: 0/2
[  456.913793][T12456] vivid-007: ==================  END STATUS  ==================
[  457.690671][T12479] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  457.785339][T12481] FAULT_INJECTION: forcing a failure.
[  457.785339][T12481] name failslab, interval 1, probability 0, space 0, times 0
[  457.851958][T12481] CPU: 0 UID: 0 PID: 12481 Comm: syz.2.1206 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  457.852003][T12481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  457.852022][T12481] Call Trace:
[  457.852032][T12481]  <TASK>
[  457.852045][T12481]  dump_stack_lvl+0x16c/0x1f0
[  457.852102][T12481]  should_fail_ex+0x512/0x640
[  457.852149][T12481]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  457.852210][T12481]  should_failslab+0xc2/0x120
[  457.852240][T12481]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  457.852290][T12481]  ? __kernfs_new_node+0xd2/0x8e0
[  457.852340][T12481]  __kernfs_new_node+0xd2/0x8e0
[  457.852390][T12481]  ? __pfx___kernfs_new_node+0x10/0x10
[  457.852455][T12481]  ? find_held_lock+0x2b/0x80
[  457.852486][T12481]  ? kernfs_root+0xee/0x2a0
[  457.852534][T12481]  kernfs_new_node+0x13c/0x1e0
[  457.852588][T12481]  __kernfs_create_file+0x53/0x350
[  457.852627][T12481]  sysfs_add_file_mode_ns+0x207/0x3c0
[  457.852676][T12481]  internal_create_group+0x578/0xf30
[  457.852728][T12481]  ? __pfx_internal_create_group+0x10/0x10
[  457.852777][T12481]  ? kernfs_create_link+0x1bd/0x240
[  457.852818][T12481]  internal_create_groups+0x9d/0x150
[  457.852885][T12481]  device_add+0x6d1/0x1a70
[  457.852925][T12481]  ? __pfx_device_add+0x10/0x10
[  457.852959][T12481]  ? lockdep_init_map_type+0x5c/0x280
[  457.853004][T12481]  ? __init_waitqueue_head+0xca/0x150
[  457.853065][T12481]  netdev_register_kobject+0x182/0x3a0
[  457.853108][T12481]  register_netdevice+0x13dc/0x2270
[  457.853151][T12481]  ? __pfx_register_netdevice+0x10/0x10
[  457.853201][T12481]  ? __pfx_loopback_net_init+0x10/0x10
[  457.853242][T12481]  register_netdev+0x34/0x50
[  457.853276][T12481]  loopback_net_init+0x7a/0x170
[  457.853316][T12481]  ? __pfx_loopback_net_init+0x10/0x10
[  457.853351][T12481]  ops_init+0x1df/0x5f0
[  457.853404][T12481]  setup_net+0x1ff/0x510
[  457.853435][T12481]  ? lockdep_init_map_type+0x5c/0x280
[  457.853481][T12481]  ? __pfx_setup_net+0x10/0x10
[  457.853519][T12481]  ? debug_mutex_init+0x37/0x70
[  457.853555][T12481]  copy_net_ns+0x2a6/0x5f0
[  457.853596][T12481]  create_new_namespaces+0x3ea/0xa90
[  457.853644][T12481]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  457.853684][T12481]  ksys_unshare+0x45b/0xa40
[  457.853727][T12481]  ? __pfx_ksys_unshare+0x10/0x10
[  457.853771][T12481]  ? xfd_validate_state+0x61/0x180
[  457.853828][T12481]  __x64_sys_unshare+0x31/0x40
[  457.853872][T12481]  do_syscall_64+0xcd/0x490
[  457.853906][T12481]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  457.853940][T12481] RIP: 0033:0x7f1a2678e929
[  457.853968][T12481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  457.854001][T12481] RSP: 002b:00007f1a275c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  457.854031][T12481] RAX: ffffffffffffffda RBX: 00007f1a269b6080 RCX: 00007f1a2678e929
[  457.854077][T12481] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  457.854096][T12481] RBP: 00007f1a26810b39 R08: 0000000000000000 R09: 0000000000000000
[  457.854133][T12481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  457.854152][T12481] R13: 0000000000000000 R14: 00007f1a269b6080 R15: 00007fff61cf9d58
[  457.854202][T12481]  </TASK>
[  459.007412][T12502] sctp: [Deprecated]: syz.3.1212 (pid 12502) Use of struct sctp_assoc_value in delayed_ack socket option.
[  459.007412][T12502] Use struct sctp_sack_info instead
[  460.075795][T12526] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  460.261984][ T7187] ttyS ttyS0: 2 input overrun(s)
[  464.814583][T12604] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1233'.
[  465.212505][T12616] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  466.295310][ T5840] Bluetooth: hci2: Malformed HCI Event
[  467.133832][T12650] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  468.707103][T12678] ubi0: attaching mtd0
[  468.720629][T12678] ubi0: scanning is finished
[  468.725937][T12678] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  468.881818][T12678] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  469.689283][T12695] netlink: 'syz.0.1251': attribute type 11 has an invalid length.
[  469.947121][T12711] FAULT_INJECTION: forcing a failure.
[  469.947121][T12711] name failslab, interval 1, probability 0, space 0, times 0
[  469.963956][T12711] CPU: 1 UID: 0 PID: 12711 Comm: syz.3.1256 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  469.964003][T12711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  469.964024][T12711] Call Trace:
[  469.964035][T12711]  <TASK>
[  469.964048][T12711]  dump_stack_lvl+0x16c/0x1f0
[  469.964108][T12711]  should_fail_ex+0x512/0x640
[  469.964156][T12711]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  469.964206][T12711]  ? __pfx_blk_mq_debugfs_open+0x10/0x10
[  469.964256][T12711]  should_failslab+0xc2/0x120
[  469.964287][T12711]  __kmalloc_cache_noprof+0x6a/0x3e0
[  469.964331][T12711]  ? single_open+0x4d/0x1f0
[  469.964370][T12711]  ? __pfx_blk_mq_debugfs_open+0x10/0x10
[  469.964409][T12711]  ? __pfx_blk_mq_debugfs_show+0x10/0x10
[  469.964444][T12711]  single_open+0x4d/0x1f0
[  469.964491][T12711]  blk_mq_debugfs_open+0x14a/0x250
[  469.964528][T12711]  full_proxy_open_regular+0x1b6/0x360
[  469.964557][T12711]  do_dentry_open+0x744/0x1c10
[  469.964594][T12711]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  469.964626][T12711]  vfs_open+0x82/0x3f0
[  469.964654][T12711]  path_openat+0x1de4/0x2cb0
[  469.964697][T12711]  ? __pfx_path_openat+0x10/0x10
[  469.964733][T12711]  ? __lock_acquire+0xb8a/0x1c90
[  469.964768][T12711]  do_filp_open+0x20b/0x470
[  469.964802][T12711]  ? __pfx_do_filp_open+0x10/0x10
[  469.964857][T12711]  ? alloc_fd+0x471/0x7d0
[  469.964896][T12711]  do_sys_openat2+0x11b/0x1d0
[  469.964922][T12711]  ? __pfx_do_sys_openat2+0x10/0x10
[  469.964958][T12711]  __x64_sys_openat+0x174/0x210
[  469.964985][T12711]  ? __pfx___x64_sys_openat+0x10/0x10
[  469.965024][T12711]  do_syscall_64+0xcd/0x490
[  469.965048][T12711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.965072][T12711] RIP: 0033:0x7f8aecd8e929
[  469.965090][T12711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  469.965113][T12711] RSP: 002b:00007f8aedb90038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  469.965135][T12711] RAX: ffffffffffffffda RBX: 00007f8aecfb5fa0 RCX: 00007f8aecd8e929
[  469.965151][T12711] RDX: 0000000000000001 RSI: 0000200000000280 RDI: ffffffffffffff9c
[  469.965166][T12711] RBP: 00007f8aece10b39 R08: 0000000000000000 R09: 0000000000000000
[  469.965180][T12711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  469.965194][T12711] R13: 0000000000000000 R14: 00007f8aecfb5fa0 R15: 00007fff98b58c58
[  469.965231][T12711]  </TASK>
[  471.181896][   T30] audit: type=1800 audit(4295005882.786:18): pid=12735 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1263" name="version" dev="configfs" ino=41993 res=0 errno=0
[  471.448234][T12747] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  472.476503][T12768] vcan0: tx drop: invalid da for name 0x000000000000003f
[  473.211687][ T5840] Bluetooth: hci3: ACL packet for unknown connection handle 0
[  476.472647][T12834] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  476.526818][T12858] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1289'.
[  476.536290][T12858] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  476.544273][T12858] batman_adv: batadv0: Removing interface: batadv_slave_0
[  476.575747][T12858] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  476.594716][T12857] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1289'.
[  476.632243][T12858] batman_adv: batadv0: Removing interface: batadv_slave_1
[  476.833882][T12870] busy
[  479.878007][T12905] kexec: Could not allocate control_code_buffer
[  481.006333][T12935] kAFS: Invalid Command on /proc/fs/afs/cells file
[  481.017443][T12935] FAULT_INJECTION: forcing a failure.
[  481.017443][T12935] name failslab, interval 1, probability 0, space 0, times 0
[  481.033396][T12935] CPU: 1 UID: 0 PID: 12935 Comm: syz.3.1305 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  481.033435][T12935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  481.033453][T12935] Call Trace:
[  481.033463][T12935]  <TASK>
[  481.033475][T12935]  dump_stack_lvl+0x16c/0x1f0
[  481.033530][T12935]  should_fail_ex+0x512/0x640
[  481.033581][T12935]  ? __kmalloc_noprof+0xbf/0x510
[  481.033631][T12935]  ? drm_ioctl+0x4cc/0xc30
[  481.033655][T12935]  should_failslab+0xc2/0x120
[  481.033684][T12935]  __kmalloc_noprof+0xd2/0x510
[  481.033726][T12935]  ? drm_dev_exit+0x41/0x60
[  481.033781][T12935]  drm_ioctl+0x4cc/0xc30
[  481.033815][T12935]  ? __pfx_drm_mode_rmfb_ioctl+0x10/0x10
[  481.033859][T12935]  ? __pfx_drm_ioctl+0x10/0x10
[  481.033911][T12935]  ? find_held_lock+0x2b/0x80
[  481.033962][T12935]  ? __pfx_drm_ioctl+0x10/0x10
[  481.034036][T12935]  __x64_sys_ioctl+0x18e/0x210
[  481.034078][T12935]  do_syscall_64+0xcd/0x490
[  481.034114][T12935]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  481.034147][T12935] RIP: 0033:0x7f8aecd8e929
[  481.034173][T12935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  481.034207][T12935] RSP: 002b:00007f8aedb90038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  481.034238][T12935] RAX: ffffffffffffffda RBX: 00007f8aecfb5fa0 RCX: 00007f8aecd8e929
[  481.034260][T12935] RDX: ffffffffffffffff RSI: 00000000901064af RDI: 0000000000000007
[  481.034286][T12935] RBP: 00007f8aece10b39 R08: 0000000000000000 R09: 0000000000000000
[  481.034306][T12935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  481.034328][T12935] R13: 0000000000000000 R14: 00007f8aecfb5fa0 R15: 00007fff98b58c58
[  481.034359][T12935]  </TASK>
[  481.566019][T12938] random: crng reseeded on system resumption
[  481.680532][T12943] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  481.680532][T12943] The task syz.1.1308 (12943) triggered the difference, watch for misbehavior.
[  482.222135][ T5840] Bluetooth: hci0: Malformed LE Event: 0x1d
[  482.524020][T12961] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  482.701066][T12974] Invalid ELF header magic: != ELF
[  483.557509][T12980] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  483.579506][T12980] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  483.604677][T12980] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  483.625345][T12980] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  483.642584][T12980] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  483.661389][T12980] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  484.054109][T13006] netlink: 7 bytes leftover after parsing attributes in process `syz.3.1317'.
[  484.066843][T13006] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  485.013933][T13005] Console: switching to colour frame buffer device 128x48
[  485.515238][T13025] i2c i2c-0: new_device: Can't parse I2C address
[  485.524500][T13019] ovs_ÿþ: entered promiscuous mode
[  488.143048][T13088] kAFS: unparsable volume name
[  490.495630][T13113] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1342'.
[  490.620370][T13113] team0: Port device team_slave_0 removed
[  491.878368][T13132] busy
[  491.973951][T13133] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  492.078579][T13133] : Can't lookup blockdev
[  492.675546][T13140] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  494.299196][T13170] netlink: 'syz.3.1351': attribute type 11 has an invalid length.
[  494.309083][T13170] netlink: 'syz.3.1351': attribute type 11 has an invalid length.
[  494.317445][T13170] netlink: 'syz.3.1351': attribute type 11 has an invalid length.
[  494.338351][ T5840] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  494.480669][T13171] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  494.490310][T13171] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  494.499208][T13171] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  494.510465][T13171] page_type: f5(slab)
[  494.541451][T13171] raw: 00fff00000000040 ffff88801b44b500 dead000000000122 0000000000000000
[  494.550602][T13171] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  494.559668][T13171] head: 00fff00000000040 ffff88801b44b500 dead000000000122 0000000000000000
[  494.569415][T13171] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  494.578549][T13171] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  494.587857][T13171] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  494.597077][T13171] page dumped because: unmovable page
[  494.602882][T13171] page_owner tracks the page as allocated
[  494.608749][T13171] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5837, tgid 5837 (syz-executor), ts 97838168918, free_ts 97746314108
[  494.646499][T13171]  post_alloc_hook+0x1c0/0x230
[  494.686746][T13171]  get_page_from_freelist+0x1321/0x3890
[  494.692598][T13171]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  494.712041][T13171]  alloc_pages_mpol+0x1fb/0x550
[  494.717052][T13171]  new_slab+0x23b/0x330
[  494.721374][T13171]  ___slab_alloc+0xd9c/0x1940
[  494.727164][T13171]  __slab_alloc.constprop.0+0x56/0xb0
[  494.735269][T13171]  __kmalloc_cache_noprof+0xfb/0x3e0
[  494.743395][T13171]  ipv6_add_dev+0x6b7/0x15f0
[  494.755012][T13171]  addrconf_notify+0x53e/0x19e0
[  494.772085][T13171]  notifier_call_chain+0xbc/0x410
[  494.849082][T13171]  call_netdevice_notifiers_info+0xbe/0x140
[  494.881661][T13171]  register_netdevice+0x182e/0x2270
[  494.930218][T13171]  veth_newlink+0x446/0xa00
[  494.939704][T13171]  rtnl_newlink+0xc45/0x2000
[  494.973107][T13171]  rtnetlink_rcv_msg+0x95b/0xe90
[  494.980109][T13171] page last free pid 5833 tgid 5833 stack trace:
[  494.993016][T13171]  __free_frozen_pages+0x7fe/0x1180
[  495.127181][T13171]  __put_partials+0x16d/0x1c0
[  495.153620][T13170] could not allocate digest TFM handle binfmt_misc
[  495.157983][T13171]  qlist_free_all+0x4d/0x120
[  495.214869][T13171]  kasan_quarantine_reduce+0x195/0x1e0
[  495.422901][T13171]  __kasan_slab_alloc+0x69/0x90
[  495.435133][T13171]  __kmalloc_cache_noprof+0x1f1/0x3e0
[  495.440620][T13171]  kset_create_and_add+0x4d/0x190
[  495.446283][T13171]  netdev_register_kobject+0x1c8/0x3a0
[  495.453075][T13171]  register_netdevice+0x13dc/0x2270
[  495.458485][T13171]  veth_newlink+0x446/0xa00
[  495.465553][T13171]  rtnl_newlink+0xc45/0x2000
[  495.470607][T13171]  rtnetlink_rcv_msg+0x95b/0xe90
[  495.477289][T13171]  netlink_rcv_skb+0x155/0x420
[  495.482702][T13171]  netlink_unicast+0x53d/0x7f0
[  495.487833][T13171]  netlink_sendmsg+0x8d1/0xdd0
[  495.502069][T13171]  __sys_sendto+0x4a0/0x520
[  496.523999][T13182] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  497.196036][T13189] FAULT_INJECTION: forcing a failure.
[  497.196036][T13189] name failslab, interval 1, probability 0, space 0, times 0
[  497.282667][T13189] CPU: 0 UID: 0 PID: 13189 Comm: syz.1.1354 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  497.282712][T13189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  497.282732][T13189] Call Trace:
[  497.282743][T13189]  <TASK>
[  497.282756][T13189]  dump_stack_lvl+0x16c/0x1f0
[  497.282806][T13189]  should_fail_ex+0x512/0x640
[  497.282842][T13189]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  497.282881][T13189]  should_failslab+0xc2/0x120
[  497.282908][T13189]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  497.282947][T13189]  ? alloc_empty_file+0x55/0x1e0
[  497.282977][T13189]  alloc_empty_file+0x55/0x1e0
[  497.283003][T13189]  path_openat+0xda/0x2cb0
[  497.283042][T13189]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  497.283089][T13189]  ? __pfx_path_openat+0x10/0x10
[  497.283138][T13189]  ? __lock_acquire+0xb8a/0x1c90
[  497.283182][T13189]  do_filp_open+0x20b/0x470
[  497.283218][T13189]  ? __pfx_do_filp_open+0x10/0x10
[  497.283275][T13189]  ? alloc_fd+0x471/0x7d0
[  497.283316][T13189]  do_sys_openat2+0x11b/0x1d0
[  497.283343][T13189]  ? __pfx_do_sys_openat2+0x10/0x10
[  497.283381][T13189]  __x64_sys_openat+0x174/0x210
[  497.283409][T13189]  ? __pfx___x64_sys_openat+0x10/0x10
[  497.283449][T13189]  do_syscall_64+0xcd/0x490
[  497.283473][T13189]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  497.283498][T13189] RIP: 0033:0x7f1012b8e929
[  497.283517][T13189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  497.283542][T13189] RSP: 002b:00007f10139b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  497.283565][T13189] RAX: ffffffffffffffda RBX: 00007f1012db6160 RCX: 00007f1012b8e929
[  497.283581][T13189] RDX: 0000000000040302 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  497.283597][T13189] RBP: 00007f1012c10b39 R08: 0000000000000000 R09: 0000000000000000
[  497.283612][T13189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  497.283626][T13189] R13: 0000000000000000 R14: 00007f1012db6160 R15: 00007fffab342d28
[  497.283657][T13189]  </TASK>
[  497.497132][T13187] Console: switching to colour VGA+ 80x9
[  497.673808][T13187] Console: switching to colour frame buffer device 128x48
[  500.235093][T13232] kAFS: Invalid Command on /proc/fs/afs/cells file
[  500.254581][T13232] FAULT_INJECTION: forcing a failure.
[  500.254581][T13232] name failslab, interval 1, probability 0, space 0, times 0
[  500.297992][T13232] CPU: 1 UID: 0 PID: 13232 Comm: syz.3.1362 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  500.298034][T13232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  500.298052][T13232] Call Trace:
[  500.298061][T13232]  <TASK>
[  500.298072][T13232]  dump_stack_lvl+0x16c/0x1f0
[  500.298123][T13232]  should_fail_ex+0x512/0x640
[  500.298165][T13232]  ? __kmalloc_noprof+0xbf/0x510
[  500.298209][T13232]  ? drm_ioctl+0x4cc/0xc30
[  500.298232][T13232]  should_failslab+0xc2/0x120
[  500.298258][T13232]  __kmalloc_noprof+0xd2/0x510
[  500.298295][T13232]  ? drm_dev_exit+0x41/0x60
[  500.298330][T13232]  drm_ioctl+0x4cc/0xc30
[  500.298361][T13232]  ? __pfx_drm_mode_rmfb_ioctl+0x10/0x10
[  500.298398][T13232]  ? __pfx_drm_ioctl+0x10/0x10
[  500.298444][T13232]  ? find_held_lock+0x2b/0x80
[  500.298489][T13232]  ? __pfx_drm_ioctl+0x10/0x10
[  500.298535][T13232]  __x64_sys_ioctl+0x18e/0x210
[  500.298571][T13232]  do_syscall_64+0xcd/0x490
[  500.298601][T13232]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  500.298629][T13232] RIP: 0033:0x7f8aecd8e929
[  500.298652][T13232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  500.298680][T13232] RSP: 002b:00007f8aedb90038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  500.298715][T13232] RAX: ffffffffffffffda RBX: 00007f8aecfb5fa0 RCX: 00007f8aecd8e929
[  500.298734][T13232] RDX: ffffffffffffffff RSI: 00000000901064af RDI: 0000000000000007
[  500.298752][T13232] RBP: 00007f8aece10b39 R08: 0000000000000000 R09: 0000000000000000
[  500.298770][T13232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  500.298787][T13232] R13: 0000000000000000 R14: 00007f8aecfb5fa0 R15: 00007fff98b58c58
[  500.298823][T13232]  </TASK>
[  500.317527][T13226] netdevsim netdevsim15 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  500.428477][    C0] vkms_vblank_simulate: vblank timer overrun
[  500.656787][T13237] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1363'.
[  502.554965][T13265] Invalid ELF header magic: != ELF
[  504.221777][T12159] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  504.233636][T12159] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  504.241556][T12159] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  504.252879][T12159] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  504.277204][T12159] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  505.231682][T13297] chnl_net:caif_netlink_parms(): no params data found
[  505.577942][T13318] could not allocate digest TFM handle 
[  506.342065][T12159] Bluetooth: hci1: command tx timeout
[  506.407569][T13297] bridge0: port 1(bridge_slave_0) entered blocking state
[  506.415572][T13297] bridge0: port 1(bridge_slave_0) entered disabled state
[  506.428920][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  506.435435][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  506.448226][T13297] bridge_slave_0: entered allmulticast mode
[  506.456705][T13297] bridge_slave_0: entered promiscuous mode
[  506.533694][T13297] bridge0: port 2(bridge_slave_1) entered blocking state
[  506.551123][T13297] bridge0: port 2(bridge_slave_1) entered disabled state
[  506.568978][T13297] bridge_slave_1: entered allmulticast mode
[  506.580131][T13297] bridge_slave_1: entered promiscuous mode
[  506.707115][T13297] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  506.745767][T13297] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  506.945335][T13297] team0: Port device team_slave_0 added
[  506.968104][T13297] team0: Port device team_slave_1 added
[  507.070009][T13297] batman_adv: batadv0: Adding interface: batadv_slave_0
[  507.092015][T13297] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  507.142041][T13297] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  507.164409][T13297] batman_adv: batadv0: Adding interface: batadv_slave_1
[  507.171726][T13297] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  507.245225][T13297] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  507.455381][T13297] hsr_slave_0: entered promiscuous mode
[  507.479705][T13297] hsr_slave_1: entered promiscuous mode
[  507.492797][T13297] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  507.518327][T13297] Cannot create hsr debugfs directory
[  508.198785][T13297] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  508.268380][T13297] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  508.422072][T12159] Bluetooth: hci1: command tx timeout
[  508.422872][T13297] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  508.526723][T13297] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  509.781005][T13297] 8021q: adding VLAN 0 to HW filter on device bond0
[  509.874028][T13297] 8021q: adding VLAN 0 to HW filter on device team0
[  509.927311][ T7176] bridge0: port 1(bridge_slave_0) entered blocking state
[  509.934556][ T7176] bridge0: port 1(bridge_slave_0) entered forwarding state
[  509.974039][ T7176] bridge0: port 2(bridge_slave_1) entered blocking state
[  509.981342][ T7176] bridge0: port 2(bridge_slave_1) entered forwarding state
[  510.502239][T12159] Bluetooth: hci1: command tx timeout
[  510.685988][T13297] 8021q: adding VLAN 0 to HW filter on device batadv0
[  511.776632][T13297] veth0_vlan: entered promiscuous mode
[  511.822190][T13297] veth1_vlan: entered promiscuous mode
[  511.843709][T13403] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  511.885988][T13297] veth0_macvtap: entered promiscuous mode
[  511.920118][T13297] veth1_macvtap: entered promiscuous mode
[  512.016510][T13297] batman_adv: batadv0: Interface activated: batadv_slave_0
[  512.066576][T13297] batman_adv: batadv0: Interface activated: batadv_slave_1
[  512.148900][T13297] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  512.208515][T13297] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  512.230858][T13297] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  512.252931][T13297] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  512.582617][T12159] Bluetooth: hci1: command tx timeout
[  512.700700][ T7193] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  512.715417][ T7193] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  512.756789][ T7193] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  512.786307][ T7193] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  513.260441][T13422] ima: policy update failed
[  513.284093][   T30] audit: type=1802 audit(4295005924.916:19): pid=13422 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1395" res=0 errno=0
[  513.304091][T13422] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  513.453469][T13422] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1395'.
[  513.655739][T13429] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  513.969003][T13435] kAFS: Invalid Command on /proc/fs/afs/cells file
[  514.783109][T13444] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1400'.
[  514.844971][T13444] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1400'.
[  515.099844][T13441] Invalid ELF header magic: != ELF
[  515.513033][T12159] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  516.197118][T13478] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1405'.
[  516.699932][T13485] kAFS: Invalid Command on /proc/fs/afs/cells file
[  519.054889][T13521] Invalid ELF header magic: != ELF
[  519.374988][T13534] kAFS: Invalid Command on /proc/fs/afs/cells file
[  522.833217][T13595] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000)
[  525.411087][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  525.419001][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  525.439631][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  525.453711][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  525.465081][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  525.476382][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  527.481406][T13706] binder: 13705:13706 ioctl c018620c 0 returned -22
[  527.569385][T13709] mkiss: ax0: crc mode is auto.
[  528.114509][T13703] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1447'.
[  528.247433][T13726] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1450'.
[  528.390580][T13728] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1451'.
[  531.226065][T13776] kAFS: Invalid Command on /proc/fs/afs/cells file
[  531.290094][T13776] FAULT_INJECTION: forcing a failure.
[  531.290094][T13776] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  531.358918][T13776] CPU: 0 UID: 0 PID: 13776 Comm: syz.0.1462 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  531.358965][T13776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  531.358984][T13776] Call Trace:
[  531.358996][T13776]  <TASK>
[  531.359021][T13776]  dump_stack_lvl+0x16c/0x1f0
[  531.359078][T13776]  should_fail_ex+0x512/0x640
[  531.359133][T13776]  _copy_from_user+0x2e/0xd0
[  531.359186][T13776]  drm_ioctl+0x4fb/0xc30
[  531.359221][T13776]  ? __pfx_drm_mode_rmfb_ioctl+0x10/0x10
[  531.359264][T13776]  ? __pfx_drm_ioctl+0x10/0x10
[  531.359340][T13776]  ? __pfx_drm_ioctl+0x10/0x10
[  531.359393][T13776]  __x64_sys_ioctl+0x18e/0x210
[  531.359453][T13776]  do_syscall_64+0xcd/0x490
[  531.359486][T13776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.359533][T13776] RIP: 0033:0x7f8b56d8e929
[  531.359558][T13776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  531.359589][T13776] RSP: 002b:00007f8b57c43038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  531.359619][T13776] RAX: ffffffffffffffda RBX: 00007f8b56fb5fa0 RCX: 00007f8b56d8e929
[  531.359639][T13776] RDX: ffffffffffffffff RSI: 00000000901064af RDI: 0000000000000007
[  531.359659][T13776] RBP: 00007f8b56e10b39 R08: 0000000000000000 R09: 0000000000000000
[  531.359700][T13776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  531.359720][T13776] R13: 0000000000000000 R14: 00007f8b56fb5fa0 R15: 00007ffdefdcde08
[  531.359780][T13776]  </TASK>
[  532.415174][T13793] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  532.943823][T13791] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1464'.
[  533.658907][T13806] Console: switching to colour VGA+ 80x9
[  534.536646][T13822] kAFS: Invalid Command on /proc/fs/afs/cells file
[  534.771010][T13817] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1471'.
[  534.800305][T13817] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1471'.
[  535.193387][T13840] Invalid ELF header magic: != ELF
[  538.080075][T13882] kAFS: Invalid Command on /proc/fs/afs/cells file
[  538.195122][   T30] audit: type=1800 audit(4294967306.100:20): pid=13884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1484" name="version" dev="configfs" ino=47475 res=0 errno=0
[  539.185344][T13892] cgroup: fork rejected by pids controller in /syz4
[  543.046199][T14092] kAFS: Invalid Command on /proc/fs/afs/cells file
[  545.418622][T14126] Invalid ELF header magic: != ELF
[  550.139584][T14158] could not allocate digest TFM handle binfmt_misc
[  550.167415][T14154] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  550.232062][T14154] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  550.240761][T14154] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  550.314411][ T6145] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  550.351921][T14154] page_type: f5(slab)
[  550.356095][T14154] raw: 00fff00000000040 ffff88801b44b500 dead000000000122 0000000000000000
[  550.395485][T14154] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  550.441988][T14154] head: 00fff00000000040 ffff88801b44b500 dead000000000122 0000000000000000
[  550.450781][T14154] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  550.529581][T14154] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  550.622331][T14154] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  550.631601][T14154] page dumped because: unmovable page
[  550.639415][T14154] page_owner tracks the page as allocated
[  550.655548][T14154] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5837, tgid 5837 (syz-executor), ts 97838168918, free_ts 97746314108
[  550.723522][T14154]  post_alloc_hook+0x1c0/0x230
[  550.728485][T14154]  get_page_from_freelist+0x1321/0x3890
[  550.763084][T14154]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  550.769050][T14154]  alloc_pages_mpol+0x1fb/0x550
[  550.801969][T14154]  new_slab+0x23b/0x330
[  550.806238][T14154]  ___slab_alloc+0xd9c/0x1940
[  550.881904][T14154]  __slab_alloc.constprop.0+0x56/0xb0
[  550.887500][T14154]  __kmalloc_cache_noprof+0xfb/0x3e0
[  550.941966][T14154]  ipv6_add_dev+0x6b7/0x15f0
[  550.946717][T14154]  addrconf_notify+0x53e/0x19e0
[  550.951587][T14154]  notifier_call_chain+0xbc/0x410
[  550.961159][T14170] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  550.984058][T14154]  call_netdevice_notifiers_info+0xbe/0x140
[  550.990040][T14154]  register_netdevice+0x182e/0x2270
[  551.045732][T14154]  veth_newlink+0x446/0xa00
[  551.087446][T14154]  rtnl_newlink+0xc45/0x2000
[  551.194829][T14154]  rtnetlink_rcv_msg+0x95b/0xe90
[  551.252007][T14154] page last free pid 5833 tgid 5833 stack trace:
[  551.301942][T14154]  __free_frozen_pages+0x7fe/0x1180
[  551.307303][T14154]  __put_partials+0x16d/0x1c0
[  551.361930][T14154]  qlist_free_all+0x4d/0x120
[  551.456723][T14154]  kasan_quarantine_reduce+0x195/0x1e0
[  551.481863][T14154]  __kasan_slab_alloc+0x69/0x90
[  551.486816][T14154]  __kmalloc_cache_noprof+0x1f1/0x3e0
[  551.522086][T14154]  kset_create_and_add+0x4d/0x190
[  551.527210][T14154]  netdev_register_kobject+0x1c8/0x3a0
[  551.544701][T14154]  register_netdevice+0x13dc/0x2270
[  551.575442][T14154]  veth_newlink+0x446/0xa00
[  551.580035][T14154]  rtnl_newlink+0xc45/0x2000
[  551.611894][T14154]  rtnetlink_rcv_msg+0x95b/0xe90
[  551.617018][T14154]  netlink_rcv_skb+0x155/0x420
[  551.637293][T14154]  netlink_unicast+0x53d/0x7f0
[  551.651836][T14154]  netlink_sendmsg+0x8d1/0xdd0
[  551.656667][T14154]  __sys_sendto+0x4a0/0x520
[  552.353138][ T6145] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  552.547573][T14189] random: crng reseeded on system resumption
[  552.655107][ T6145] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  553.190504][ T6145] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  554.621054][T14209] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1517'.
[  555.495335][T14216] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  557.107512][ T6145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  557.136281][ T6145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  557.173076][ T6145] bond0 (unregistering): Released all slaves
[  558.220166][ T6145] tipc: Left network mode
[  559.292508][T14229] vhci_hcd: not connected 4
[  560.368236][T14280] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  560.389738][T14282] random: crng reseeded on system resumption
[  560.463705][T14280] FAULT_INJECTION: forcing a failure.
[  560.463705][T14280] name failslab, interval 1, probability 0, space 0, times 0
[  560.587975][T14280] CPU: 1 UID: 0 PID: 14280 Comm: syz.1.1529 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  560.588040][T14280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  560.588058][T14280] Call Trace:
[  560.588069][T14280]  <TASK>
[  560.588080][T14280]  dump_stack_lvl+0x16c/0x1f0
[  560.588157][T14280]  should_fail_ex+0x512/0x640
[  560.588204][T14280]  ? __kmalloc_noprof+0xbf/0x510
[  560.588255][T14280]  ? ima_write_template_field_data+0x5d/0x1f0
[  560.588295][T14280]  should_failslab+0xc2/0x120
[  560.588343][T14280]  __kmalloc_noprof+0xd2/0x510
[  560.588404][T14280]  ima_write_template_field_data+0x5d/0x1f0
[  560.588466][T14280]  ima_eventdigest_init_common+0x154/0x430
[  560.588535][T14280]  ? __pfx_ima_eventdigest_init_common+0x10/0x10
[  560.588608][T14280]  ? rcu_is_watching+0x12/0xc0
[  560.588640][T14280]  ? trace_kmalloc+0x2b/0xd0
[  560.588673][T14280]  ? __kmalloc_noprof+0x242/0x510
[  560.588722][T14280]  ? __print_lock_name+0x91/0xe0
[  560.588760][T14280]  ima_alloc_init_template+0x3a0/0x720
[  560.588803][T14280]  ima_store_measurement+0x1eb/0x5c0
[  560.588841][T14280]  ? __pfx_ima_store_measurement+0x10/0x10
[  560.588876][T14280]  ? vfs_getxattr_alloc+0xec/0x340
[  560.588934][T14280]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  560.588988][T14280]  process_measurement+0x1ddb/0x23e0
[  560.589064][T14280]  ? __pfx_process_measurement+0x10/0x10
[  560.589120][T14280]  ? alloc_empty_file+0x73/0x1e0
[  560.589155][T14280]  ? hugetlb_file_setup+0x4cd/0x620
[  560.589189][T14280]  ? ksys_mmap_pgoff+0x189/0x5c0
[  560.589223][T14280]  ? __x64_sys_mmap+0x125/0x190
[  560.589331][T14280]  ima_file_mmap+0x1b1/0x1d0
[  560.589393][T14280]  ? __pfx_ima_file_mmap+0x10/0x10
[  560.589452][T14280]  security_mmap_file+0x88c/0x990
[  560.589498][T14280]  vm_mmap_pgoff+0xec/0x450
[  560.589535][T14280]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  560.589564][T14280]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  560.589600][T14280]  ? hugetlbfs_get_inode+0x31f/0x730
[  560.589646][T14280]  ksys_mmap_pgoff+0x1c8/0x5c0
[  560.589687][T14280]  __x64_sys_mmap+0x125/0x190
[  560.589745][T14280]  do_syscall_64+0xcd/0x490
[  560.589777][T14280]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  560.589807][T14280] RIP: 0033:0x7f1012b8e929
[  560.589831][T14280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  560.589861][T14280] RSP: 002b:00007f10139fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  560.589889][T14280] RAX: ffffffffffffffda RBX: 00007f1012db5fa0 RCX: 00007f1012b8e929
[  560.589908][T14280] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000
[  560.589926][T14280] RBP: 00007f1012c10b39 R08: 0000000000000401 R09: 0000300000000000
[  560.589944][T14280] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000
[  560.589960][T14280] R13: 0000000000000000 R14: 00007f1012db5fa0 R15: 00007fffab342d28
[  560.590005][T14280]  </TASK>
[  560.874194][   T30] audit: type=1804 audit(4294967328.500:21): pid=14280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.1.1529" name="anon_hugepage" dev="hugetlbfs" ino=48539 res=0 errno=0
[  560.989807][T13901] syz.4.1487 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  560.999779][T13901] CPU: 1 UID: 0 PID: 13901 Comm: syz.4.1487 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  560.999814][T13901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  560.999831][T13901] Call Trace:
[  560.999841][T13901]  <TASK>
[  560.999851][T13901]  dump_stack_lvl+0x16c/0x1f0
[  560.999902][T13901]  dump_header+0x101/0x930
[  560.999949][T13901]  oom_kill_process+0x270/0xa60
[  561.000005][T13901]  out_of_memory+0x350/0x1700
[  561.000059][T13901]  ? __pfx_out_of_memory+0x10/0x10
[  561.000136][T13901]  mem_cgroup_out_of_memory+0x118/0x130
[  561.000177][T13901]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  561.000227][T13901]  ? do_raw_spin_unlock+0x172/0x230
[  561.000283][T13901]  try_charge_memcg+0x72b/0xd50
[  561.000323][T13901]  ? __pfx_try_charge_memcg+0x10/0x10
[  561.000377][T13901]  ? __print_lock_name+0x91/0xe0
[  561.000410][T13901]  ? rcu_read_unlock+0x17/0x60
[  561.000454][T13901]  charge_memcg+0x8a/0x230
[  561.000485][T13901]  __mem_cgroup_charge+0x2b/0x1e0
[  561.000524][T13901]  shmem_alloc_and_add_folio+0x514/0xc20
[  561.000580][T13901]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  561.000631][T13901]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[  561.000687][T13901]  shmem_get_folio_gfp+0x67f/0x1600
[  561.000743][T13901]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  561.000793][T13901]  ? __pte_offset_map_lock+0x174/0x310
[  561.000833][T13901]  shmem_write_begin+0x160/0x300
[  561.000881][T13901]  ? find_held_lock+0x2b/0x80
[  561.000910][T13901]  ? __pfx_shmem_write_begin+0x10/0x10
[  561.000959][T13901]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1260
[  561.001006][T13901]  ? __pfx_timestamp_truncate+0x10/0x10
[  561.001062][T13901]  generic_perform_write+0x3cd/0x930
[  561.001121][T13901]  ? __pfx_generic_perform_write+0x10/0x10
[  561.001171][T13901]  ? inode_needs_update_time.part.0+0x191/0x270
[  561.001232][T13901]  shmem_file_write_iter+0x10e/0x140
[  561.001267][T13901]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  561.001298][T13901]  __kernel_write_iter+0x317/0xa90
[  561.001357][T13901]  ? __pfx___kernel_write_iter+0x10/0x10
[  561.001397][T13901]  ? __up_read+0x1f8/0x750
[  561.001444][T13901]  ? dump_user_range+0x745/0xb60
[  561.001485][T13901]  dump_user_range+0x41f/0xb60
[  561.001528][T13901]  ? __pfx_dump_user_range+0x10/0x10
[  561.001562][T13901]  ? elf_coredump_extra_notes_write+0xbd/0x4f0
[  561.001611][T13901]  ? __pfx_writenote+0x10/0x10
[  561.001668][T13901]  elf_core_dump+0x288a/0x3a90
[  561.001740][T13901]  ? __pfx_elf_core_dump+0x10/0x10
[  561.001788][T13901]  ? find_held_lock+0x2b/0x80
[  561.001815][T13901]  ? 0xffffffffff600000
[  561.001842][T13901]  ? rcu_is_watching+0x12/0xc0
[  561.001869][T13901]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  561.001909][T13901]  ? lockdep_hardirqs_on+0x7c/0x110
[  561.002014][T13901]  ? do_coredump+0x399f/0x4f10
[  561.002044][T13901]  do_coredump+0x399f/0x4f10
[  561.002092][T13901]  ? __pfx_do_coredump+0x10/0x10
[  561.002126][T13901]  ? find_held_lock+0x2b/0x80
[  561.002154][T13901]  ? is_bpf_text_address+0x8a/0x1a0
[  561.002197][T13901]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  561.002232][T13901]  ? is_bpf_text_address+0x94/0x1a0
[  561.002271][T13901]  ? kernel_text_address+0x8d/0x100
[  561.002315][T13901]  ? __kernel_text_address+0xd/0x40
[  561.002356][T13901]  ? unwind_get_return_address+0x59/0xa0
[  561.002423][T13901]  ? stack_depot_save_flags+0x28/0xa40
[  561.002469][T13901]  ? __lock_acquire+0xb8a/0x1c90
[  561.002509][T13901]  ? kasan_save_stack+0x42/0x60
[  561.002549][T13901]  ? kasan_save_stack+0x33/0x60
[  561.002587][T13901]  ? kasan_save_track+0x14/0x30
[  561.002635][T13901]  ? kasan_save_free_info+0x3b/0x60
[  561.002666][T13901]  ? __kasan_slab_free+0x51/0x70
[  561.002704][T13901]  ? kmem_cache_free+0x2d1/0x4d0
[  561.002739][T13901]  ? __sigqueue_free+0xba/0x2a0
[  561.002771][T13901]  ? get_signal+0xcba/0x26d0
[  561.002797][T13901]  ? arch_do_signal_or_restart+0x8f/0x790
[  561.002878][T13901]  ? proc_coredump_connector+0x2d1/0x4f0
[  561.002931][T13901]  ? __pfx_proc_coredump_connector+0x10/0x10
[  561.002987][T13901]  ? rcu_is_watching+0x12/0xc0
[  561.003037][T13901]  get_signal+0x22e3/0x26d0
[  561.003086][T13901]  ? __pfx_get_signal+0x10/0x10
[  561.003131][T13901]  arch_do_signal_or_restart+0x8f/0x790
[  561.003168][T13901]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  561.003213][T13901]  ? trace_irq_disable.constprop.0+0xd4/0x120
[  561.003263][T13901]  ? do_error_trap+0x214/0x240
[  561.003306][T13901]  irqentry_exit_to_user_mode+0x12a/0x270
[  561.003360][T13901]  asm_exc_invalid_op+0x1a/0x20
[  561.003389][T13901] RIP: 0033:0x0
[  561.003408][T13901] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[  561.003423][T13901] RSP: 002b:0000000000000009 EFLAGS: 00010217
[  561.003446][T13901] RAX: 0000000000000000 RBX: 00007f3070fb6080 RCX: 00007f3070d8e929
[  561.003465][T13901] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000020003b45
[  561.003482][T13901] RBP: 00007f3070e10b39 R08: 0000000000000004 R09: 0000000000000000
[  561.003500][T13901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  561.003516][T13901] R13: 0000000000000001 R14: 00007f3070fb6080 R15: 00007fff9aba9058
[  561.003554][T13901]  </TASK>
[  561.788799][T13901] memory: usage 307200kB, limit 307200kB, failcnt 20760
[  561.898418][T13901] memory+swap: usage 431548kB, limit 9007199254740988kB, failcnt 0
[  561.906488][T13901] kmem: usage 3072kB, limit 9007199254740988kB, failcnt 0
[  561.913687][T13901] Memory cgroup stats for /syz4:
[  561.913845][T13901] cache 311103488
[  561.971563][T13901] rss 221184
[  562.100112][T13901] rss_huge 0
[  562.148804][T14288] netlink: 13832 bytes leftover after parsing attributes in process `syz.3.1527'.
[  562.212402][T13901] shmem 311103488
[  562.216126][T13901] mapped_file 0
[  562.219626][T13901] dirty 0
[  562.355149][T13901] writeback 0
[  562.425733][T13901] workingset_refault_anon 1147
[  562.430595][T13901] workingset_refault_file 0
[  562.461663][T13901] swap 127332352
[  562.465605][T13901] swapcached 81920
[  562.469364][T13901] pgpgin 129381
[  562.473881][T13901] pgpgout 53356
[  562.477397][T13901] pgfault 34494
[  562.481751][T13901] pgmajfault 196
[  562.587900][T14310] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1532'.
[  562.597323][T14310] nbd: must specify a device to reconfigure
[  562.732084][T13901] inactive_anon 310304768
[  562.736574][T13901] active_anon 589824
[  562.740505][T13901] inactive_file 0
[  562.760983][T13901] active_file 0
[  562.768095][T13901] unevictable 0
[  562.772479][T13901] hierarchical_memory_limit 314572800
[  562.777971][T13901] hierarchical_memsw_limit 9223372036854771712
[  562.786846][T13901] total_cache 311103488
[  562.792100][T13901] total_rss 221184
[  562.795924][T13901] total_rss_huge 0
[  562.799742][T13901] total_shmem 311103488
[  563.041004][T13901] total_mapped_file 0
[  563.045204][T13901] total_dirty 0
[  563.052000][T13901] total_writeback 0
[  563.055873][T13901] total_workingset_refault_anon 1147
[  563.061191][T13901] total_workingset_refault_file 0
[  563.066399][T13901] total_swap 127332352
[  563.071921][T13901] total_swapcached 81920
[  563.089260][T13901] total_pgpgin 129381
[  563.093922][T13901] total_pgpgout 53356
[  563.255231][T13901] total_pgfault 34494
[  563.324769][T14322] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input35
[  563.461196][T13901] total_pgmajfault 196
[  563.508839][ T6145] hsr_slave_0: left promiscuous mode
[  563.612796][T13901] total_inactive_anon 310304768
[  563.617740][T13901] total_active_anon 589824
[  563.781043][ T6145] hsr_slave_1: left promiscuous mode
[  563.808156][ T6145] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  563.825398][T13901] total_inactive_file 0
[  563.829629][T13901] total_active_file 0
[  563.834570][T13901] total_unevictable 0
[  563.866476][ T6145] batman_adv: batadv0: Removing interface: batadv_slave_0
[  563.913180][T13901] anon_cost 11629
[  564.049654][ T6145] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  564.065364][T13901] file_cost 0
[  564.080662][ T6145] batman_adv: batadv0: Removing interface: batadv_slave_1
[  564.084049][T13901] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.1487,pid=13928,uid=0
[  564.093531][T14324] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1533'.
[  564.199448][T13901] Memory cgroup out of memory: Killed process 13928 (syz.4.1487) total-vm:102532kB, anon-rss:952kB, file-rss:48808kB, shmem-rss:0kB, UID:0 pgtables:180kB oom_score_adj:1000
[  564.280146][ T6145] veth1_macvtap: left promiscuous mode
[  564.307647][ T6145] veth1_vlan: left promiscuous mode
[  564.333546][ T6145] veth0_vlan: left promiscuous mode
[  565.725119][T14340] FAULT_INJECTION: forcing a failure.
[  565.725119][T14340] name fail_futex, interval 1, probability 0, space 0, times 0
[  565.752065][T14340] CPU: 0 UID: 0 PID: 14340 Comm: syz.0.1535 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  565.752107][T14340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  565.752127][T14340] Call Trace:
[  565.752138][T14340]  <TASK>
[  565.752151][T14340]  dump_stack_lvl+0x16c/0x1f0
[  565.752211][T14340]  should_fail_ex+0x512/0x640
[  565.752267][T14340]  get_futex_key+0x1d0/0x1540
[  565.752311][T14340]  ? __pfx_get_futex_key+0x10/0x10
[  565.752366][T14340]  futex_wake+0xea/0x530
[  565.752412][T14340]  ? rcu_is_watching+0x12/0xc0
[  565.752445][T14340]  ? __pfx_futex_wake+0x10/0x10
[  565.752496][T14340]  ? kmem_cache_free+0x2d1/0x4d0
[  565.752539][T14340]  ? fd_install+0x225/0x750
[  565.752579][T14340]  ? putname+0x154/0x1a0
[  565.752616][T14340]  do_futex+0x1e3/0x350
[  565.752655][T14340]  ? __pfx_do_futex+0x10/0x10
[  565.752705][T14340]  __x64_sys_futex+0x1e0/0x4c0
[  565.752754][T14340]  ? __x64_sys_openat+0x174/0x210
[  565.752791][T14340]  ? __pfx___x64_sys_futex+0x10/0x10
[  565.752850][T14340]  do_syscall_64+0xcd/0x490
[  565.752885][T14340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  565.752918][T14340] RIP: 0033:0x7f8b56d8e929
[  565.752945][T14340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  565.752977][T14340] RSP: 002b:00007f8b57c430e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  565.753019][T14340] RAX: ffffffffffffffda RBX: 00007f8b56fb5fa8 RCX: 00007f8b56d8e929
[  565.753041][T14340] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8b56fb5fac
[  565.753060][T14340] RBP: 00007f8b56fb5fa0 R08: 00007f8b57c44000 R09: 0000000000000000
[  565.753078][T14340] R10: 0000000000000007 R11: 0000000000000246 R12: 00007f8b56fb5fac
[  565.753097][T14340] R13: 0000000000000000 R14: 00007ffdefdcdd20 R15: 00007ffdefdcde08
[  565.753146][T14340]  </TASK>
[  566.425733][   T32] oom_reaper: reaped process 13928 (syz.4.1487), now anon-rss:104kB, file-rss:27468kB, shmem-rss:0kB
[  567.090949][T14348] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1538'.
[  567.104127][T14348] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1538'.
[  567.209151][T14350] netlink: 'syz.0.1539': attribute type 4 has an invalid length.
[  567.217245][T14350] netlink: 314 bytes leftover after parsing attributes in process `syz.0.1539'.
[  567.226511][T14350] IPv6: NLM_F_CREATE should be specified when creating new route
[  567.235822][T14350] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  567.243518][T14350] IPv6: NLM_F_CREATE should be set when creating new route
[  567.320155][T14352] FAULT_INJECTION: forcing a failure.
[  567.320155][T14352] name failslab, interval 1, probability 0, space 0, times 0
[  567.333014][T14352] CPU: 0 UID: 0 PID: 14352 Comm: syz.0.1541 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  567.333049][T14352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  567.333066][T14352] Call Trace:
[  567.333076][T14352]  <TASK>
[  567.333086][T14352]  dump_stack_lvl+0x16c/0x1f0
[  567.333138][T14352]  should_fail_ex+0x512/0x640
[  567.333181][T14352]  ? fs_reclaim_acquire+0xae/0x150
[  567.333219][T14352]  should_failslab+0xc2/0x120
[  567.333248][T14352]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  567.333294][T14352]  ? security_inode_alloc+0x3b/0x2b0
[  567.333331][T14352]  security_inode_alloc+0x3b/0x2b0
[  567.333366][T14352]  inode_init_always_gfp+0xce4/0x1030
[  567.333414][T14352]  alloc_inode+0x86/0x240
[  567.333444][T14352]  path_from_stashed+0x2be/0xb00
[  567.333494][T14352]  ? __pfx_path_from_stashed+0x10/0x10
[  567.333544][T14352]  ? find_held_lock+0x2b/0x80
[  567.333572][T14352]  ? alloc_fd+0x471/0x7d0
[  567.333613][T14352]  pidfs_alloc_file+0xf8/0x330
[  567.333647][T14352]  ? __pfx_pidfs_alloc_file+0x10/0x10
[  567.333683][T14352]  ? _raw_spin_unlock_irq+0x23/0x50
[  567.333727][T14352]  pidfd_prepare+0x10c/0x1b0
[  567.333762][T14352]  fanotify_read+0x1107/0x27d0
[  567.333804][T14352]  ? aa_file_perm+0x4d6/0xfb0
[  567.333846][T14352]  ? __pfx_fanotify_read+0x10/0x10
[  567.333886][T14352]  ? __pfx_aa_file_perm+0x10/0x10
[  567.333925][T14352]  ? __lock_acquire+0x622/0x1c90
[  567.333961][T14352]  ? copy_iovec_from_user+0x131/0x170
[  567.334009][T14352]  ? iovec_from_user+0xbb/0x140
[  567.334044][T14352]  ? __pfx_woken_wake_function+0x10/0x10
[  567.334095][T14352]  ? rw_verify_area+0xcf/0x680
[  567.334132][T14352]  ? __pfx_fanotify_read+0x10/0x10
[  567.334160][T14352]  vfs_readv+0x5c1/0x8b0
[  567.334203][T14352]  ? __pfx_vfs_readv+0x10/0x10
[  567.334241][T14352]  ? vfs_write+0x15d/0x1150
[  567.334311][T14352]  ? do_readv+0x132/0x340
[  567.334342][T14352]  do_readv+0x132/0x340
[  567.334376][T14352]  ? __pfx_do_readv+0x10/0x10
[  567.334423][T14352]  do_syscall_64+0xcd/0x490
[  567.334451][T14352]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  567.334480][T14352] RIP: 0033:0x7f8b56d8e929
[  567.334501][T14352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  567.334529][T14352] RSP: 002b:00007f8b57c43038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  567.334553][T14352] RAX: ffffffffffffffda RBX: 00007f8b56fb5fa0 RCX: 00007f8b56d8e929
[  567.334570][T14352] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000000
[  567.334586][T14352] RBP: 00007f8b57c43090 R08: 0000000000000000 R09: 0000000000000000
[  567.334602][T14352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  567.334617][T14352] R13: 0000000000000000 R14: 00007f8b56fb5fa0 R15: 00007ffdefdcde08
[  567.334652][T14352]  </TASK>
[  567.871756][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  567.878767][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  568.629735][ T6145] team0 (unregistering): Port device team_slave_1 removed
[  568.801455][ T6145] team0 (unregistering): Port device team_slave_0 removed
[  568.890114][T14368] random: crng reseeded on system resumption
[  572.259758][T14413] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  572.520146][T14408] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  572.632691][T14418] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  572.726489][T14418] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  573.645700][T14434] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  574.457262][T14452] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1554'.
[  574.471905][T14452] nbd: must specify a device to reconfigure
[  574.774341][T14455] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1555'.
[  576.111237][T14486] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  576.471566][T14495] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  577.628038][T14514] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  577.886930][T14520] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  578.211941][T14529] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1567'.
[  578.326615][T14532] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1568'.
[  578.567601][T14534] FAULT_INJECTION: forcing a failure.
[  578.567601][T14534] name failslab, interval 1, probability 0, space 0, times 0
[  578.612012][T14534] CPU: 0 UID: 0 PID: 14534 Comm: syz.0.1568 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  578.612064][T14534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  578.612079][T14534] Call Trace:
[  578.612087][T14534]  <TASK>
[  578.612096][T14534]  dump_stack_lvl+0x16c/0x1f0
[  578.612140][T14534]  should_fail_ex+0x512/0x640
[  578.612178][T14534]  ? fs_reclaim_acquire+0xae/0x150
[  578.612209][T14534]  should_failslab+0xc2/0x120
[  578.612231][T14534]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  578.612285][T14534]  ? security_inode_alloc+0x3b/0x2b0
[  578.612316][T14534]  security_inode_alloc+0x3b/0x2b0
[  578.612342][T14534]  inode_init_always_gfp+0xce4/0x1030
[  578.612380][T14534]  alloc_inode+0x86/0x240
[  578.612405][T14534]  sock_alloc+0x40/0x280
[  578.612431][T14534]  sock_create_lite+0x82/0x120
[  578.612459][T14534]  __netlink_kernel_create+0xbd/0x750
[  578.612489][T14534]  ? __pfx___netlink_kernel_create+0x10/0x10
[  578.612523][T14534]  ? __pfx_crypto_netlink_init+0x10/0x10
[  578.612561][T14534]  crypto_netlink_init+0xb7/0x140
[  578.612596][T14534]  ? cpus_read_unlock+0x83/0x150
[  578.612621][T14534]  ? __pfx_crypto_netlink_init+0x10/0x10
[  578.612656][T14534]  ? __nf_register_net_hook+0x371/0x730
[  578.612681][T14534]  ? __pfx_crypto_netlink_rcv+0x10/0x10
[  578.612718][T14534]  ? nf_register_net_hook+0x117/0x160
[  578.612742][T14534]  ? nf_register_net_hooks+0xb1/0xd0
[  578.612768][T14534]  ops_init+0x1df/0x5f0
[  578.612794][T14534]  setup_net+0x1ff/0x510
[  578.612816][T14534]  ? lockdep_init_map_type+0x5c/0x280
[  578.612849][T14534]  ? __pfx_setup_net+0x10/0x10
[  578.612875][T14534]  ? debug_mutex_init+0x37/0x70
[  578.612900][T14534]  copy_net_ns+0x2a6/0x5f0
[  578.612929][T14534]  create_new_namespaces+0x3ea/0xa90
[  578.612971][T14534]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  578.613008][T14534]  ksys_unshare+0x45b/0xa40
[  578.613060][T14534]  ? __pfx_ksys_unshare+0x10/0x10
[  578.613096][T14534]  ? xfd_validate_state+0x61/0x180
[  578.613135][T14534]  __x64_sys_unshare+0x31/0x40
[  578.613166][T14534]  do_syscall_64+0xcd/0x490
[  578.613190][T14534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  578.613214][T14534] RIP: 0033:0x7f8b56d8e929
[  578.613233][T14534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  578.613256][T14534] RSP: 002b:00007f8b57c22038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  578.613282][T14534] RAX: ffffffffffffffda RBX: 00007f8b56fb6080 RCX: 00007f8b56d8e929
[  578.613299][T14534] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  578.613313][T14534] RBP: 00007f8b56e10b39 R08: 0000000000000000 R09: 0000000000000000
[  578.613327][T14534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  578.613341][T14534] R13: 0000000000000000 R14: 00007f8b56fb6080 R15: 00007ffdefdcde08
[  578.613371][T14534]  </TASK>
[  578.901101][    C0] vkms_vblank_simulate: vblank timer overrun
[  579.134134][T14540] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  579.591658][T14547] random: crng reseeded on system resumption
[  580.171002][T14562] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1572'.
[  582.576282][T14620] FAULT_INJECTION: forcing a failure.
[  582.576282][T14620] name failslab, interval 1, probability 0, space 0, times 0
[  582.592073][T14620] CPU: 1 UID: 0 PID: 14620 Comm: syz.1.1581 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  582.592112][T14620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  582.592129][T14620] Call Trace:
[  582.592139][T14620]  <TASK>
[  582.592150][T14620]  dump_stack_lvl+0x16c/0x1f0
[  582.592222][T14620]  should_fail_ex+0x512/0x640
[  582.592268][T14620]  ? fs_reclaim_acquire+0xae/0x150
[  582.592306][T14620]  ? tomoyo_encode2+0x100/0x3e0
[  582.592347][T14620]  should_failslab+0xc2/0x120
[  582.592377][T14620]  __kmalloc_noprof+0xd2/0x510
[  582.592432][T14620]  tomoyo_encode2+0x100/0x3e0
[  582.592481][T14620]  tomoyo_encode+0x29/0x50
[  582.592522][T14620]  tomoyo_realpath_from_path+0x18f/0x6e0
[  582.592578][T14620]  tomoyo_check_open_permission+0x2ab/0x3c0
[  582.592615][T14620]  ? init_file+0x93/0x4c0
[  582.592644][T14620]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  582.592682][T14620]  ? pidfd_prepare+0x10c/0x1b0
[  582.592720][T14620]  ? do_readv+0x132/0x340
[  582.592758][T14620]  ? do_syscall_64+0xcd/0x490
[  582.592835][T14620]  ? find_held_lock+0x2b/0x80
[  582.592875][T14620]  tomoyo_file_open+0x6b/0x90
[  582.592928][T14620]  security_file_open+0x84/0x1e0
[  582.592969][T14620]  do_dentry_open+0x596/0x1c10
[  582.593033][T14620]  vfs_open+0x82/0x3f0
[  582.593071][T14620]  dentry_open+0x71/0xd0
[  582.593104][T14620]  pidfs_alloc_file+0x1ca/0x330
[  582.593142][T14620]  ? __pfx_pidfs_alloc_file+0x10/0x10
[  582.593183][T14620]  ? _raw_spin_unlock_irq+0x23/0x50
[  582.593231][T14620]  pidfd_prepare+0x10c/0x1b0
[  582.593270][T14620]  fanotify_read+0x1107/0x27d0
[  582.593326][T14620]  ? aa_file_perm+0x4d6/0xfb0
[  582.593371][T14620]  ? __pfx_fanotify_read+0x10/0x10
[  582.593404][T14620]  ? __pfx_aa_file_perm+0x10/0x10
[  582.593444][T14620]  ? __lock_acquire+0x622/0x1c90
[  582.593499][T14620]  ? copy_iovec_from_user+0x131/0x170
[  582.593554][T14620]  ? iovec_from_user+0xbb/0x140
[  582.593594][T14620]  ? __pfx_woken_wake_function+0x10/0x10
[  582.593649][T14620]  ? rw_verify_area+0xcf/0x680
[  582.593689][T14620]  ? __pfx_fanotify_read+0x10/0x10
[  582.593721][T14620]  vfs_readv+0x5c1/0x8b0
[  582.593771][T14620]  ? __pfx_vfs_readv+0x10/0x10
[  582.593812][T14620]  ? vfs_write+0x15d/0x1150
[  582.593895][T14620]  ? do_readv+0x132/0x340
[  582.593929][T14620]  do_readv+0x132/0x340
[  582.593968][T14620]  ? __pfx_do_readv+0x10/0x10
[  582.594030][T14620]  do_syscall_64+0xcd/0x490
[  582.594063][T14620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  582.594094][T14620] RIP: 0033:0x7f1012b8e929
[  582.594118][T14620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  582.594148][T14620] RSP: 002b:00007f10139fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  582.594176][T14620] RAX: ffffffffffffffda RBX: 00007f1012db5fa0 RCX: 00007f1012b8e929
[  582.594195][T14620] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000000
[  582.594212][T14620] RBP: 00007f10139fa090 R08: 0000000000000000 R09: 0000000000000000
[  582.594230][T14620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  582.594247][T14620] R13: 0000000000000000 R14: 00007f1012db5fa0 R15: 00007fffab342d28
[  582.594286][T14620]  </TASK>
[  582.594315][T14620] ERROR: Out of memory at tomoyo_realpath_from_path.
[  585.538871][T14671] random: crng reseeded on system resumption
[  586.923126][T14692] FAULT_INJECTION: forcing a failure.
[  586.923126][T14692] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  586.944215][T14692] CPU: 1 UID: 0 PID: 14692 Comm: syz.0.1592 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  586.944252][T14692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  586.944269][T14692] Call Trace:
[  586.944278][T14692]  <TASK>
[  586.944288][T14692]  dump_stack_lvl+0x16c/0x1f0
[  586.944338][T14692]  should_fail_ex+0x512/0x640
[  586.944383][T14692]  _copy_to_user+0x32/0xd0
[  586.944412][T14692]  fanotify_read+0x6e9/0x27d0
[  586.944454][T14692]  ? aa_file_perm+0x4d6/0xfb0
[  586.944497][T14692]  ? __pfx_fanotify_read+0x10/0x10
[  586.944529][T14692]  ? __pfx_aa_file_perm+0x10/0x10
[  586.944568][T14692]  ? __lock_acquire+0x622/0x1c90
[  586.944605][T14692]  ? copy_iovec_from_user+0x131/0x170
[  586.944653][T14692]  ? iovec_from_user+0xbb/0x140
[  586.944688][T14692]  ? __pfx_woken_wake_function+0x10/0x10
[  586.944746][T14692]  ? rw_verify_area+0xcf/0x680
[  586.944782][T14692]  ? __pfx_fanotify_read+0x10/0x10
[  586.944809][T14692]  vfs_readv+0x5c1/0x8b0
[  586.944853][T14692]  ? __pfx_vfs_readv+0x10/0x10
[  586.944890][T14692]  ? vfs_write+0x15d/0x1150
[  586.944979][T14692]  ? do_readv+0x132/0x340
[  586.945013][T14692]  do_readv+0x132/0x340
[  586.945051][T14692]  ? __pfx_do_readv+0x10/0x10
[  586.945102][T14692]  do_syscall_64+0xcd/0x490
[  586.945132][T14692]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  586.945162][T14692] RIP: 0033:0x7f8b56d8e929
[  586.945185][T14692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  586.945215][T14692] RSP: 002b:00007f8b57c43038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  586.945246][T14692] RAX: ffffffffffffffda RBX: 00007f8b56fb5fa0 RCX: 00007f8b56d8e929
[  586.945266][T14692] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000000
[  586.945283][T14692] RBP: 00007f8b57c43090 R08: 0000000000000000 R09: 0000000000000000
[  586.945301][T14692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  586.945319][T14692] R13: 0000000000000000 R14: 00007f8b56fb5fa0 R15: 00007ffdefdcde08
[  586.945357][T14692]  </TASK>
[  588.237177][T14715] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  588.435041][T14721] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1599'.
[  588.583543][T14723] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1599'.
[  589.479365][T14742] ERROR: Out of memory at tomoyo_memory_ok.
[  589.956854][T14759] FAULT_INJECTION: forcing a failure.
[  589.956854][T14759] name failslab, interval 1, probability 0, space 0, times 0
[  589.997063][T14759] CPU: 1 UID: 0 PID: 14759 Comm: syz.4.1607 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  589.997102][T14759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  589.997116][T14759] Call Trace:
[  589.997123][T14759]  <TASK>
[  589.997131][T14759]  dump_stack_lvl+0x16c/0x1f0
[  589.997174][T14759]  should_fail_ex+0x512/0x640
[  589.997210][T14759]  ? __kmalloc_noprof+0xbf/0x510
[  589.997248][T14759]  ? drm_ioctl+0x4cc/0xc30
[  589.997267][T14759]  should_failslab+0xc2/0x120
[  589.997289][T14759]  __kmalloc_noprof+0xd2/0x510
[  589.997322][T14759]  ? drm_dev_exit+0x41/0x60
[  589.997349][T14759]  drm_ioctl+0x4cc/0xc30
[  589.997373][T14759]  ? __pfx_drm_mode_rmfb_ioctl+0x10/0x10
[  589.997404][T14759]  ? __pfx_drm_ioctl+0x10/0x10
[  589.997443][T14759]  ? find_held_lock+0x2b/0x80
[  589.997480][T14759]  ? __pfx_drm_ioctl+0x10/0x10
[  589.997529][T14759]  __x64_sys_ioctl+0x18e/0x210
[  589.997564][T14759]  do_syscall_64+0xcd/0x490
[  589.997587][T14759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  589.997610][T14759] RIP: 0033:0x7f3070d8e929
[  589.997627][T14759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  589.997648][T14759] RSP: 002b:00007f3071c1a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  589.997669][T14759] RAX: ffffffffffffffda RBX: 00007f3070fb5fa0 RCX: 00007f3070d8e929
[  589.997683][T14759] RDX: ffffffffffffffff RSI: 00000000901064af RDI: 0000000000000006
[  589.997697][T14759] RBP: 00007f3070e10b39 R08: 0000000000000000 R09: 0000000000000000
[  589.997711][T14759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  589.997724][T14759] R13: 0000000000000000 R14: 00007f3070fb5fa0 R15: 00007fff9aba9058
[  589.997751][T14759]  </TASK>
[  590.457871][T14762] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1606'.
[  590.876708][T14772] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  591.536148][T12159] Bluetooth: Frame is too long (len 38, expected len 4)
[  592.296633][T14803] FAULT_INJECTION: forcing a failure.
[  592.296633][T14803] name failslab, interval 1, probability 0, space 0, times 0
[  592.383350][T14803] CPU: 1 UID: 0 PID: 14803 Comm: syz.4.1616 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  592.383393][T14803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  592.383419][T14803] Call Trace:
[  592.383428][T14803]  <TASK>
[  592.383441][T14803]  dump_stack_lvl+0x16c/0x1f0
[  592.383495][T14803]  should_fail_ex+0x512/0x640
[  592.383552][T14803]  ? __kmalloc_noprof+0xbf/0x510
[  592.383597][T14803]  ? drm_ioctl+0x4cc/0xc30
[  592.383621][T14803]  should_failslab+0xc2/0x120
[  592.383648][T14803]  __kmalloc_noprof+0xd2/0x510
[  592.383687][T14803]  ? drm_dev_exit+0x41/0x60
[  592.383722][T14803]  drm_ioctl+0x4cc/0xc30
[  592.383753][T14803]  ? __pfx_drm_mode_rmfb_ioctl+0x10/0x10
[  592.383791][T14803]  ? __pfx_drm_ioctl+0x10/0x10
[  592.383838][T14803]  ? find_held_lock+0x2b/0x80
[  592.383883][T14803]  ? __pfx_drm_ioctl+0x10/0x10
[  592.383930][T14803]  __x64_sys_ioctl+0x18e/0x210
[  592.383966][T14803]  do_syscall_64+0xcd/0x490
[  592.383995][T14803]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  592.384023][T14803] RIP: 0033:0x7f3070d8e929
[  592.384046][T14803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  592.384073][T14803] RSP: 002b:00007f3071c1a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  592.384100][T14803] RAX: ffffffffffffffda RBX: 00007f3070fb5fa0 RCX: 00007f3070d8e929
[  592.384118][T14803] RDX: ffffffffffffffff RSI: 00000000901064af RDI: 0000000000000005
[  592.384146][T14803] RBP: 00007f3070e10b39 R08: 0000000000000000 R09: 0000000000000000
[  592.384162][T14803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  592.384196][T14803] R13: 0000000000000000 R14: 00007f3070fb5fa0 R15: 00007fff9aba9058
[  592.384232][T14803]  </TASK>
[  592.723901][T14801] FAULT_INJECTION: forcing a failure.
[  592.723901][T14801] name failslab, interval 1, probability 0, space 0, times 0
[  592.797895][T14801] CPU: 0 UID: 0 PID: 14801 Comm: syz.1.1615 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  592.797934][T14801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  592.797951][T14801] Call Trace:
[  592.797960][T14801]  <TASK>
[  592.797971][T14801]  dump_stack_lvl+0x16c/0x1f0
[  592.798019][T14801]  should_fail_ex+0x512/0x640
[  592.798058][T14801]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  592.798102][T14801]  should_failslab+0xc2/0x120
[  592.798128][T14801]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  592.798168][T14801]  ? mark_held_locks+0x49/0x80
[  592.798202][T14801]  ? key_alloc+0x3e0/0x1390
[  592.798241][T14801]  key_alloc+0x3e0/0x1390
[  592.798306][T14801]  ? __pfx_key_alloc+0x10/0x10
[  592.798342][T14801]  ? __pfx_key_default_cmp+0x10/0x10
[  592.798413][T14801]  ? __pfx_keyring_search_iterator+0x10/0x10
[  592.798462][T14801]  keyring_alloc+0x44/0xc0
[  592.798511][T14801]  look_up_user_keyrings+0x510/0x760
[  592.798554][T14801]  ? __pfx_look_up_user_keyrings+0x10/0x10
[  592.798605][T14801]  lookup_user_key+0x1a3/0x1300
[  592.798647][T14801]  ? __pfx_lookup_user_key+0x10/0x10
[  592.798681][T14801]  ? do_futex+0x122/0x350
[  592.798727][T14801]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[  592.798792][T14801]  ? fput+0x70/0xf0
[  592.798835][T14801]  keyctl_keyring_clear+0x24/0x1a0
[  592.798870][T14801]  __do_sys_keyctl+0x355/0x590
[  592.798906][T14801]  do_syscall_64+0xcd/0x490
[  592.798939][T14801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  592.798971][T14801] RIP: 0033:0x7f1012b8e929
[  592.798995][T14801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  592.799027][T14801] RSP: 002b:00007f10139d9038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  592.799056][T14801] RAX: ffffffffffffffda RBX: 00007f1012db6080 RCX: 00007f1012b8e929
[  592.799077][T14801] RDX: 0000000000000002 RSI: 00000000fffffffb RDI: 0000000000000007
[  592.799094][T14801] RBP: 00007f1012c10b39 R08: 0000000000000008 R09: 0000000000000000
[  592.799113][T14801] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000
[  592.799130][T14801] R13: 0000000000000000 R14: 00007f1012db6080 R15: 00007fffab342d28
[  592.799171][T14801]  </TASK>
[  593.018619][    C0] vkms_vblank_simulate: vblank timer overrun
[  594.318824][T14822] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  594.347024][T14822] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input38
[  594.652997][T14823] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input39
[  595.015094][T14822] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  597.249620][T14881] netlink: 'syz.0.1629': attribute type 4 has an invalid length.
[  598.185879][T14904] FAULT_INJECTION: forcing a failure.
[  598.185879][T14904] name failslab, interval 1, probability 0, space 0, times 0
[  598.227388][T14904] CPU: 1 UID: 0 PID: 14904 Comm: syz.4.1634 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  598.227429][T14904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  598.227447][T14904] Call Trace:
[  598.227457][T14904]  <TASK>
[  598.227468][T14904]  dump_stack_lvl+0x16c/0x1f0
[  598.227528][T14904]  should_fail_ex+0x512/0x640
[  598.227588][T14904]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  598.227640][T14904]  should_failslab+0xc2/0x120
[  598.227681][T14904]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  598.227723][T14904]  ? __pmd_alloc+0xbf/0x930
[  598.227760][T14904]  __pmd_alloc+0xbf/0x930
[  598.227788][T14904]  ? find_held_lock+0x2b/0x80
[  598.227818][T14904]  __handle_mm_fault+0xaac/0x5490
[  598.227866][T14904]  ? __pfx___handle_mm_fault+0x10/0x10
[  598.227900][T14904]  ? __pfx_mt_find+0x10/0x10
[  598.227952][T14904]  ? find_vma+0xbf/0x140
[  598.227980][T14904]  ? __pfx_find_vma+0x10/0x10
[  598.228014][T14904]  handle_mm_fault+0x589/0xd10
[  598.228060][T14904]  ? __pkru_allows_pkey+0x21/0xb0
[  598.228101][T14904]  do_user_addr_fault+0x7a6/0x1370
[  598.228145][T14904]  ? rcu_is_watching+0x12/0xc0
[  598.228178][T14904]  exc_page_fault+0x5c/0xb0
[  598.228221][T14904]  asm_exc_page_fault+0x26/0x30
[  598.228248][T14904] RIP: 0010:rep_movs_alternative+0x33/0x90
[  598.228285][T14904] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 bd 10 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb
[  598.228312][T14904] RSP: 0018:ffffc9000c7779c0 EFLAGS: 00050202
[  598.228346][T14904] RAX: 0018000300000020 RBX: 0000000000000018 RCX: 0000000000000018
[  598.228363][T14904] RDX: fffff520018eef70 RSI: ffffc9000c777b68 RDI: 0000000000000000
[  598.228383][T14904] RBP: 0000000000000000 R08: 0000000000000000 R09: fffff520018eef6f
[  598.228400][T14904] R10: ffffc9000c777b7f R11: 0000000000000001 R12: ffffc9000c777b68
[  598.228418][T14904] R13: 0000000000000018 R14: 00007ffffffff000 R15: 0000000000000000
[  598.228453][T14904]  _copy_to_user+0xbb/0xd0
[  598.228481][T14904]  fanotify_read+0x6e9/0x27d0
[  598.228523][T14904]  ? aa_file_perm+0x4d6/0xfb0
[  598.228565][T14904]  ? __pfx_fanotify_read+0x10/0x10
[  598.228597][T14904]  ? __pfx_aa_file_perm+0x10/0x10
[  598.228635][T14904]  ? __lock_acquire+0x622/0x1c90
[  598.228669][T14904]  ? copy_iovec_from_user+0x131/0x170
[  598.228714][T14904]  ? iovec_from_user+0xbb/0x140
[  598.228749][T14904]  ? __pfx_woken_wake_function+0x10/0x10
[  598.228799][T14904]  ? rw_verify_area+0xcf/0x680
[  598.228834][T14904]  ? __pfx_fanotify_read+0x10/0x10
[  598.228861][T14904]  vfs_readv+0x5c1/0x8b0
[  598.228903][T14904]  ? __pfx_vfs_readv+0x10/0x10
[  598.228940][T14904]  ? vfs_write+0x15d/0x1150
[  598.229011][T14904]  ? do_readv+0x132/0x340
[  598.229045][T14904]  do_readv+0x132/0x340
[  598.229086][T14904]  ? __pfx_do_readv+0x10/0x10
[  598.229132][T14904]  do_syscall_64+0xcd/0x490
[  598.229161][T14904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  598.229187][T14904] RIP: 0033:0x7f3070d8e929
[  598.229209][T14904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  598.229234][T14904] RSP: 002b:00007f3071c1a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  598.229258][T14904] RAX: ffffffffffffffda RBX: 00007f3070fb5fa0 RCX: 00007f3070d8e929
[  598.229276][T14904] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000000
[  598.229292][T14904] RBP: 00007f3071c1a090 R08: 0000000000000000 R09: 0000000000000000
[  598.229309][T14904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  598.229325][T14904] R13: 0000000000000000 R14: 00007f3070fb5fa0 R15: 00007fff9aba9058
[  598.229360][T14904]  </TASK>
[  598.821200][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  598.864086][T14898] zswap: compressor  not available
[  598.887031][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  598.904381][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  598.913536][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  598.922240][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  600.065024][T14907] chnl_net:caif_netlink_parms(): no params data found
[  600.116648][T14944] ACPI: Can not change Invalid GPE/Fixed Event status
[  600.132069][T14944] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1642'.
[  600.659517][T14907] bridge0: port 1(bridge_slave_0) entered blocking state
[  600.711717][T14907] bridge0: port 1(bridge_slave_0) entered disabled state
[  600.740423][T14907] bridge_slave_0: entered allmulticast mode
[  600.786275][T14907] bridge_slave_0: entered promiscuous mode
[  600.880684][T14907] bridge0: port 2(bridge_slave_1) entered blocking state
[  600.933994][T14907] bridge0: port 2(bridge_slave_1) entered disabled state
[  600.941480][T14907] bridge_slave_1: entered allmulticast mode
[  600.983463][T12159] Bluetooth: hci4: command tx timeout
[  601.013930][T14907] bridge_slave_1: entered promiscuous mode
[  601.230746][T14907] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  601.363775][T14969] sp0: Synchronizing with TNC
[  601.373705][T14907] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  601.653649][T14907] team0: Port device team_slave_0 added
[  601.713350][T14907] team0: Port device team_slave_1 added
[  601.829776][T14973] FAULT_INJECTION: forcing a failure.
[  601.829776][T14973] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  601.891657][T14973] CPU: 0 UID: 0 PID: 14973 Comm: syz.4.1645 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  601.891699][T14973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  601.891717][T14973] Call Trace:
[  601.891727][T14973]  <TASK>
[  601.891737][T14973]  dump_stack_lvl+0x16c/0x1f0
[  601.891788][T14973]  should_fail_ex+0x512/0x640
[  601.891835][T14973]  strncpy_from_user+0x3b/0x2e0
[  601.891876][T14973]  getname_flags.part.0+0x8f/0x550
[  601.891912][T14973]  getname_flags+0x93/0xf0
[  601.891957][T14973]  do_sys_openat2+0xb8/0x1d0
[  601.891989][T14973]  ? __pfx_do_sys_openat2+0x10/0x10
[  601.892035][T14973]  __x64_sys_openat+0x174/0x210
[  601.892067][T14973]  ? __pfx___x64_sys_openat+0x10/0x10
[  601.892115][T14973]  do_syscall_64+0xcd/0x490
[  601.892144][T14973]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  601.892173][T14973] RIP: 0033:0x7f3070d8e929
[  601.892195][T14973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  601.892224][T14973] RSP: 002b:00007f3071bf9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  601.892252][T14973] RAX: ffffffffffffffda RBX: 00007f3070fb6080 RCX: 00007f3070d8e929
[  601.892270][T14973] RDX: 0000000000040302 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  601.892287][T14973] RBP: 00007f3070e10b39 R08: 0000000000000000 R09: 0000000000000000
[  601.892304][T14973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  601.892321][T14973] R13: 0000000000000000 R14: 00007f3070fb6080 R15: 00007fff9aba9058
[  601.892357][T14973]  </TASK>
[  602.048549][    C0] vkms_vblank_simulate: vblank timer overrun
[  602.156243][T14907] batman_adv: batadv0: Adding interface: batadv_slave_0
[  602.173508][T14907] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  602.457543][T14907] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  602.680670][T14907] batman_adv: batadv0: Adding interface: batadv_slave_1
[  602.756198][T14907] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  602.782149][    C0] vkms_vblank_simulate: vblank timer overrun
[  602.891740][T14907] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  603.065564][T12159] Bluetooth: hci4: command tx timeout
[  603.098951][T14907] hsr_slave_0: entered promiscuous mode
[  603.179149][T14907] hsr_slave_1: entered promiscuous mode
[  603.315838][   T30] audit: type=1800 audit(4294967371.230:22): pid=14987 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1647" name="lu_gp_id" dev="configfs" ino=51329 res=0 errno=0
[  604.097366][T14907] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  604.147820][T14907] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  604.326414][T14907] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  604.421544][T14907] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  604.792889][T14907] 8021q: adding VLAN 0 to HW filter on device bond0
[  604.858693][T14907] 8021q: adding VLAN 0 to HW filter on device team0
[  604.896675][ T7169] bridge0: port 1(bridge_slave_0) entered blocking state
[  604.904118][ T7169] bridge0: port 1(bridge_slave_0) entered forwarding state
[  604.939286][ T7193] bridge0: port 2(bridge_slave_1) entered blocking state
[  604.946535][ T7193] bridge0: port 2(bridge_slave_1) entered forwarding state
[  605.152187][T12159] Bluetooth: hci4: command tx timeout
[  605.670089][T15041] FAULT_INJECTION: forcing a failure.
[  605.670089][T15041] name fail_futex, interval 1, probability 0, space 0, times 0
[  605.737973][T15041] CPU: 0 UID: 0 PID: 15041 Comm: syz.4.1657 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  605.738017][T15041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  605.738036][T15041] Call Trace:
[  605.738047][T15041]  <TASK>
[  605.738059][T15041]  dump_stack_lvl+0x16c/0x1f0
[  605.738115][T15041]  should_fail_ex+0x512/0x640
[  605.738162][T15041]  ? unwind_get_return_address+0x59/0xa0
[  605.738216][T15041]  get_futex_key+0x1d0/0x1540
[  605.738257][T15041]  ? __pfx_get_futex_key+0x10/0x10
[  605.738293][T15041]  ? stack_trace_save+0x8e/0xc0
[  605.738326][T15041]  ? __pfx_stack_trace_save+0x10/0x10
[  605.738361][T15041]  ? stack_depot_save_flags+0x28/0xa40
[  605.738416][T15041]  futex_wait_setup+0x9d/0x550
[  605.738471][T15041]  __futex_wait+0x194/0x2f0
[  605.738518][T15041]  ? __pfx___futex_wait+0x10/0x10
[  605.738571][T15041]  ? __pfx_futex_wake_mark+0x10/0x10
[  605.738649][T15041]  futex_wait+0xe8/0x380
[  605.738694][T15041]  ? __pfx_futex_wait+0x10/0x10
[  605.738746][T15041]  ? kmem_cache_free+0x2d1/0x4d0
[  605.738788][T15041]  ? fd_install+0x225/0x750
[  605.738825][T15041]  ? putname+0x154/0x1a0
[  605.738862][T15041]  do_futex+0x229/0x350
[  605.738900][T15041]  ? __pfx_do_futex+0x10/0x10
[  605.738956][T15041]  __x64_sys_futex+0x1e0/0x4c0
[  605.738988][T15041]  ? __x64_sys_openat+0x174/0x210
[  605.739016][T15041]  ? __pfx___x64_sys_futex+0x10/0x10
[  605.739057][T15041]  do_syscall_64+0xcd/0x490
[  605.739082][T15041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  605.739107][T15041] RIP: 0033:0x7f3070d8e929
[  605.739126][T15041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  605.739151][T15041] RSP: 002b:00007f3071c1a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  605.739175][T15041] RAX: ffffffffffffffda RBX: 00007f3070fb5fa8 RCX: 00007f3070d8e929
[  605.739191][T15041] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3070fb5fa8
[  605.739206][T15041] RBP: 00007f3070fb5fa0 R08: 0000000000000000 R09: 0000000000000000
[  605.739222][T15041] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3070fb5fac
[  605.739237][T15041] R13: 0000000000000000 R14: 00007fff9aba8f70 R15: 00007fff9aba9058
[  605.739268][T15041]  </TASK>
[  605.961014][    C0] vkms_vblank_simulate: vblank timer overrun
[  606.585839][T14907] 8021q: adding VLAN 0 to HW filter on device batadv0
[  606.782274][T15051] ubi0: attaching mtd0
[  606.793877][T15051] ubi0: scanning is finished
[  606.798763][T15051] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  607.235932][T12159] Bluetooth: hci4: command tx timeout
[  607.329076][T15056] IPVS: length: 131 != 8
[  607.368141][T15051] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  608.285899][T14907] veth0_vlan: entered promiscuous mode
[  608.339147][T14907] veth1_vlan: entered promiscuous mode
[  608.359723][T15089] netlink: 'syz.0.1662': attribute type 11 has an invalid length.
[  608.372747][T15089] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  608.635045][T14907] veth0_macvtap: entered promiscuous mode
[  608.968124][T14907] veth1_macvtap: entered promiscuous mode
[  609.076067][T14907] batman_adv: batadv0: Interface activated: batadv_slave_0
[  609.508022][T14907] batman_adv: batadv0: Interface activated: batadv_slave_1
[  609.526898][T14907] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  609.558150][T14907] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  609.605973][T14907] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  609.703247][T14907] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  610.184313][ T7193] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  610.205347][ T7193] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  610.430195][ T6148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  610.450644][ T6148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  611.075168][T15152] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1670'.
[  611.252552][T15157] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  611.699465][T15167] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  612.324097][T15170] vhci_hcd: not connected 4
[  612.809076][T15187] netlink: 9232 bytes leftover after parsing attributes in process `syz.5.1676'.
[  612.820015][T15187] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  613.926951][T15198] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  614.491686][T15198] random: crng reseeded on system resumption
[  614.966389][T15221] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1682'.
[  616.146778][T15230] vhci_hcd: not connected 4
[  617.764504][T15271] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1695'.
[  617.796316][T15271] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1695'.
[  618.134881][T15281] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1694'.
[  618.694035][T15267] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1694'.
[  619.444096][T15299] netlink: 9232 bytes leftover after parsing attributes in process `syz.1.1699'.
[  619.458459][T15296] vhci_hcd: not connected 4
[  619.492027][T15299] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  621.625387][T15326] relay: one or more items not logged [item size (56) > sub-buffer size (4)]
[  622.746637][T15345] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  622.827193][T15348] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1710'.
[  624.707237][T15378] vhci_hcd: not connected 4
[  625.081344][T15392] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  625.490085][T15406] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  625.597370][T15410] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  625.695783][T15410] ==================================================================
[  625.703913][T15410] BUG: KASAN: wild-memory-access in get_futex_key+0x595/0x1540
[  625.711508][T15410] Read of size 8 at addr 1fffffff8d9e3618 by task syz.0.1720/15410
[  625.719464][T15410] 
[  625.721825][T15410] CPU: 0 UID: 0 PID: 15410 Comm: syz.0.1720 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  625.721862][T15410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  625.721881][T15410] Call Trace:
[  625.721891][T15410]  <TASK>
[  625.721902][T15410]  dump_stack_lvl+0x116/0x1f0
[  625.721950][T15410]  kasan_report+0xe0/0x110
[  625.721979][T15410]  ? get_futex_key+0x595/0x1540
[  625.722017][T15410]  kasan_check_range+0x100/0x1b0
[  625.722050][T15410]  get_futex_key+0x595/0x1540
[  625.722080][T15410]  ? __pfx_get_futex_key+0x10/0x10
[  625.722108][T15410]  ? try_to_wake_up+0xa2f/0x1680
[  625.722132][T15410]  ? __pfx_try_to_wake_up+0x10/0x10
[  625.722157][T15410]  futex_wait_setup+0x9d/0x550
[  625.722198][T15410]  __futex_wait+0x194/0x2f0
[  625.722245][T15410]  ? __pfx___futex_wait+0x10/0x10
[  625.722279][T15410]  ? __pfx_futex_wake+0x10/0x10
[  625.722316][T15410]  ? __pfx_futex_wake_mark+0x10/0x10
[  625.722356][T15410]  ? do_futex+0x122/0x350
[  625.722385][T15410]  ? __pfx_do_futex+0x10/0x10
[  625.722414][T15410]  ? irqentry_exit+0x3b/0x90
[  625.722455][T15410]  __x64_sys_futex_wait+0x3f7/0x470
[  625.722491][T15410]  ? __pfx___x64_sys_futex_wait+0x10/0x10
[  625.722523][T15410]  ? native_tss_update_io_bitmap+0x3e1/0x770
[  625.722562][T15410]  ? syscall_user_dispatch+0x78/0x140
[  625.722605][T15410]  do_syscall_64+0xcd/0x490
[  625.722627][T15410]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  625.722653][T15410] RIP: 0033:0x7f8b56d8e929
[  625.722672][T15410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  625.722698][T15410] RSP: 002b:00007f8b57c43038 EFLAGS: 00000246 ORIG_RAX: 00000000000001c7
[  625.722722][T15410] RAX: ffffffffffffffda RBX: 00007f8b56fb5fa0 RCX: 00007f8b56d8e929
[  625.722738][T15410] RDX: 0000000000000002 RSI: 0000000000000003 RDI: 00002000000002c0
[  625.722754][T15410] RBP: 00007f8b56e10b39 R08: 0000000000000000 R09: 0000000000000000
[  625.722769][T15410] R10: 000000000000000e R11: 0000000000000246 R12: 0000000000000000
[  625.722784][T15410] R13: 0000000000000000 R14: 00007f8b56fb5fa0 R15: 00007ffdefdcde08
[  625.722808][T15410]  </TASK>
[  625.722816][T15410] ==================================================================
[  626.013619][T15410] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  626.020893][T15410] CPU: 1 UID: 0 PID: 15410 Comm: syz.0.1720 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  626.031275][T15410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  626.041368][T15410] Call Trace:
[  626.044660][T15410]  <TASK>
[  626.047629][T15410]  dump_stack_lvl+0x3d/0x1f0
[  626.052252][T15410]  panic+0x71c/0x800
[  626.056174][T15410]  ? __pfx_panic+0x10/0x10
[  626.060619][T15410]  ? rcu_is_watching+0x12/0xc0
[  626.065419][T15410]  ? preempt_schedule_thunk+0x16/0x30
[  626.070844][T15410]  ? get_futex_key+0x595/0x1540
[  626.075713][T15410]  ? preempt_schedule_common+0x44/0xc0
[  626.081206][T15410]  ? get_futex_key+0x595/0x1540
[  626.086074][T15410]  check_panic_on_warn+0xab/0xb0
[  626.091041][T15410]  end_report+0x107/0x170
[  626.095404][T15410]  kasan_report+0xee/0x110
[  626.099836][T15410]  ? get_futex_key+0x595/0x1540
[  626.104711][T15410]  kasan_check_range+0x100/0x1b0
[  626.109667][T15410]  get_futex_key+0x595/0x1540
[  626.114370][T15410]  ? __pfx_get_futex_key+0x10/0x10
[  626.119499][T15410]  ? try_to_wake_up+0xa2f/0x1680
[  626.124459][T15410]  ? __pfx_try_to_wake_up+0x10/0x10
[  626.129675][T15410]  futex_wait_setup+0x9d/0x550
[  626.134473][T15410]  __futex_wait+0x194/0x2f0
[  626.139003][T15410]  ? __pfx___futex_wait+0x10/0x10
[  626.144053][T15410]  ? __pfx_futex_wake+0x10/0x10
[  626.148930][T15410]  ? __pfx_futex_wake_mark+0x10/0x10
[  626.154245][T15410]  ? do_futex+0x122/0x350
[  626.158598][T15410]  ? __pfx_do_futex+0x10/0x10
[  626.163299][T15410]  ? irqentry_exit+0x3b/0x90
[  626.167934][T15410]  __x64_sys_futex_wait+0x3f7/0x470
[  626.173173][T15410]  ? __pfx___x64_sys_futex_wait+0x10/0x10
[  626.178917][T15410]  ? native_tss_update_io_bitmap+0x3e1/0x770
[  626.184927][T15410]  ? syscall_user_dispatch+0x78/0x140
[  626.190335][T15410]  do_syscall_64+0xcd/0x490
[  626.194859][T15410]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  626.200774][T15410] RIP: 0033:0x7f8b56d8e929
[  626.205201][T15410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  626.224828][T15410] RSP: 002b:00007f8b57c43038 EFLAGS: 00000246 ORIG_RAX: 00000000000001c7
[  626.233262][T15410] RAX: ffffffffffffffda RBX: 00007f8b56fb5fa0 RCX: 00007f8b56d8e929
[  626.241249][T15410] RDX: 0000000000000002 RSI: 0000000000000003 RDI: 00002000000002c0
[  626.249235][T15410] RBP: 00007f8b56e10b39 R08: 0000000000000000 R09: 0000000000000000
[  626.257222][T15410] R10: 000000000000000e R11: 0000000000000246 R12: 0000000000000000
[  626.265210][T15410] R13: 0000000000000000 R14: 00007f8b56fb5fa0 R15: 00007ffdefdcde08
[  626.273204][T15410]  </TASK>
[  626.276569][T15410] Kernel Offset: disabled
[  626.280911][T15410] Rebooting in 86400 seconds..